Own threat modeling across our entire surface area: multi-tenant training infrastructure, sandboxed execution environments, API surfaces, and internal tooling
Design and implement zero-trust networking, identity, and access control across distributed GPU clusters and cloud infrastructure
Build secure-by-default patterns for our platform engineers — auth, secrets management, supply chain integrity, container hardening
Architect tenant isolation and data boundary enforcement for hosted RL training workloads (customers run arbitrary code in our environments)
Develop security frameworks specific to AI infrastructure: model weight protection, training data isolation, checkpoint integrity, gradient privacy
Secure the RL training loop end-to-end — from environment execution in sandboxes to reward signal verification and model artifact storage
Build detection and prevention for AI-specific attack vectors: prompt injection across agentic pipelines, model exfiltration, adversarial environment manipulation
Scope, manage, and run point on external penetration tests across our platform, hosted training infrastructure, and liquid compute layer
Build and maintain an internal red-teaming practice — automated and manual — targeting our most critical systems
Drive vulnerability management: triage, remediation SLAs, and root cause analysis
Build security monitoring and alerting across infrastructure (distributed clusters, Kubernetes, cloud) and application layers
Implement runtime security for containerized training workloads and sandboxed environments
Own incident response — build the playbooks, run the drills, lead the post-mortems
Design audit logging and forensic capability across all customer-facing systems
Drive SOC 2 Type II readiness and other compliance frameworks required by enterprise customers
Own the security narrative for customer-facing materials — questionnaires, architecture reviews, trust documentation
Partner with GTM to unblock enterprise deals that depend on security posture.

Requirements

5+ years in security engineering, infrastructure security, or offensive security roles
Deep experience with cloud security (GCP preferred), Kubernetes security, and container runtime hardening
Hands-on ability to read, write, and audit code in Python and Rust (or strong systems-level language)
Experience with network security in distributed systems — service mesh, mTLS, network segmentation across heterogeneous hardware
Proven track record managing external penetration tests and translating findings into engineering action
Strong fundamentals in cryptography, identity/access management, and secure software development lifecycle.

Benefits

Cash Compensation Range of $180-350k+ with significant equity incentives
Flexible work arrangement (remote or San Francisco office)
Full visa sponsorship and relocation support
Professional development budget for courses and conferences
Regular team off-sites and conference attendance

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

threat modelingzero-trust networkingidentity and access controlsecurity frameworksvulnerability managementruntime securitypenetration testingcryptographysecure software development lifecyclenetwork security

Soft Skills

incident responseleadershipcommunicationproject managementcollaboration