CrawlJobs Logo

Staff Infrastructure Security Engineer

Australia, Sydney · Job Posted February 18, 2026
Apply Position
Job Link Share

Job Description

We're building security systems for medical technology that handles sensitive data and supports critical healthcare decisions. Security and data protection are core to what we build. In this role you'll work across cloud and platform foundations to make secure-by-default infrastructure the easiest path for engineers.

Job Responsibility

  • Design and implement identity, network, and platform controls that reduce risk while keeping delivery fast
  • Build scalable security guardrails for infrastructure changes through infrastructure-as-code and delivery pipelines (policy checks, safe defaults, automated verification)
  • Improve service-to-service security patterns (workload identity, service authentication, secrets usage) in partnership with platform and application teams
  • Strengthen data and storage controls (encryption, key management, backup and recovery security, database hardening)
  • Reduce infrastructure attack vectors through hardening, configuration baselines, and continuous posture assessment
  • Improve supply chain integrity for infrastructure artefacts (build provenance, dependency and image integrity, SBOMs)
  • Contribute to the wider security program by turning requirements into platform capabilities and paved paths that teams can adopt with minimal friction

Requirements

  • Comfortable owning ambiguous problems end-to-end, from threat modelling to design to implementation to rollout
  • Strong domain understanding of cloud, identity, and networking fundamentals and how they fail in practice
  • Able to build durable systems: automated controls, paved paths, and reliable feedback loops
  • Works independently with stakeholders, aligns on trade-offs, and drives decisions without needing constant direction
  • Raises the bar for engineering teams by teaching patterns, writing clear docs, and improving defaults

What we offer

  • Flexible hybrid working environment, with 3 days in the office
  • A generous personal development budget of $500 per annum
  • Learn from some of the best engineers and creatives, joining a diverse team
  • Become an owner, with shares (equity) in the company, if Heidi wins, we all win
  • The rare chance to create a global impact as you immerse yourself in one of Australia’s leading healthtech startups
  • If you have an impact quickly, the opportunity to fast track your startup career

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Similar Jobs for

Staff Infrastructure Security Engineer

8 matching positions

Staff Infrastructure Security Engineer

Crusoe’s mission is to accelerate the abundance of energy and intelligence. We’r...
Location
Location
United States , San Francisco
Salary
Salary:
210000.00 - 265000.00 USD / Year
crusoe.ai Logo
Crusoe
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 8+ years of hands-on experience in infrastructure engineering, SRE, or security engineering
  • Deep understanding of security principles across the stack, from Linux and container runtimes to cloud control planes
  • Proven experience using Infrastructure-as-Code (Terraform) to manage complex, multi-environment infrastructure at scale
  • Strong knowledge of cryptography, secrets management, PKI, and modern authentication standards
  • Experience securing public cloud (AWS, GCP) and/or bare-metal environments
  • Strong networking fundamentals, including routing, segmentation, firewalls, and Zero Trust architectures
  • Hands-on experience with Kubernetes and container security, including secure secrets injection into microservices
  • Fluency in at least one programming language (Go or Python preferred) for automation and tooling
Job Responsibility
Job Responsibility
  • Architecting security controls across compute, networking, and storage layers of a global cloud platform
  • Championing Infrastructure-as-Code (IaC) standards (e.g., Terraform) to enforce secure defaults, immutability, and drift detection
  • Building automated security guardrails embedded directly into CI/CD and deployment pipelines
  • Collaborating on a centralized Vault-as-a-Platform service to manage secrets, encryption keys, and internal PKI
  • Designing and operating certificate lifecycles (X.509, SSH) to support secure machine-to-machine trust
  • Driving adoption of short-lived, Just-In-Time (JIT) access models to reduce standing privileges and improve auditability
  • Securing core network foundations, including global DNS architecture, service discovery, and network authentication systems
  • Designing and maintaining authentication controls for network infrastructure to ensure secure, monitored access
  • Partnering closely with infrastructure, platform, and SRE teams to identify and remediate security gaps in foundational systems
What we offer
What we offer
  • Bonus
  • Restricted Stock Units
  • Fulltime
Read More
Arrow Right

Staff Infrastructure Security Engineer

We’re seeking a Staff Infrastructure Security Engineer to architect and operatio...
Location
Location
United States , San Francisco; Bellevue; Sunnyvale; Denver
Salary
Salary:
210000.00 - 265000.00 USD / Year
crusoe.ai Logo
Crusoe
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 8+ years of hands-on experience in cloud security, DevOps, or infrastructure engineering
  • Deep, production-grade experience deploying and operating HashiCorp Vault in enterprise environments (Enterprise edition strongly preferred)
  • Expert knowledge of secrets management, cryptography, PKI/X.509 certificate authorities, and trust systems
  • Strong experience with Google Cloud Platform (GCP) and cloud-native IAM models
  • Proven expertise using Infrastructure-as-Code tools (Terraform) to automate security platforms
  • Hands-on experience with Kubernetes and securely integrating secrets into microservices architectures
  • Fluency in at least one programming language (Go or Python preferred) for automation and tooling
  • Strong understanding of network security fundamentals, including segmentation, firewalls, routing, and Zero Trust concepts
Job Responsibility
Job Responsibility
  • Architecting a highly available, disaster-resilient, multi-cluster secrets management platform as the foundation of our Zero Trust strategy
  • Driving Vault from PoC to enterprise-grade production, establishing standards, reliability, and scalability
  • Leading cross-functional alignment with Cloud Engineering, DevOps, and SRE teams on secure secret management workflows embedded into the SDLC
  • Designing and enforcing governance controls to meet internal policies and external compliance requirements (e.g., SOX, ISO 27001)
  • Implementing Policy as Code using Sentinel to automate guardrails and access decisions
  • Engineering Vault infrastructure using Terraform with fully automated, reproducible, and version-controlled deployments
  • Architecting integrations between Vault, identity providers (e.g., Okta), and workload identities (e.g., Kubernetes Service Accounts)
  • Configuring and tuning core Vault secrets engines (KV, Transit, KMIP) and Enterprise features such as performance replication and automated sealing
  • Operationalizing “Vault as a Service” through paved-road onboarding, self-service workflows, and clear developer documentation
  • Building observability across the platform, including monitoring, alerting, audit logging, and usage insights
What we offer
What we offer
  • Industry competitive pay
  • Restricted Stock Units in a fast growing, well-funded technology company
  • Health insurance package options that include HDHP and PPO, vision, and dental for you and your dependents
  • Employer contributions to HSA accounts
  • Paid Parental Leave
  • Paid life insurance, short-term and long-term disability
  • Teladoc
  • 401(k) with a 100% match up to 4% of salary
  • Generous paid time off and holiday schedule
  • Cell phone reimbursement
  • Fulltime
Read More
Arrow Right

Staff Infrastructure Security Engineer

Crusoe's mission is to accelerate the abundance of energy and intelligence. We’r...
Location
Location
United States , San Francisco; Bellevue; Sunnyvale; Denver
Salary
Salary:
Not provided
crusoe.ai Logo
Crusoe
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 6+ years (or equivalent) hands-on experience in cloud security, DevOps, or infrastructure engineering
  • Deep expertise and proven track record deploying and managing HashiCorp Vault in an enterprise environment (experience with the Enterprise edition is highly preferred)
  • Expert-level knowledge of Secrets Management, X.509 PKI (Public Key Infrastructure), Certificate Authority Operations, and Cryptography concepts
  • Strong experience with Google Cloud Platform (GCP) and cloud native identity and access management (IAM)
  • Proficiency with Infrastructure as Code (IaC) tools, especially Terraform, for automating the deployment and configuration of Vault and its dependent infrastructure
  • Fluent in at least one programming language (ideally Go or Python)
  • Demonstrable experience with Kubernetes and container security principles, especially integrating secrets into microservices architectures
  • Strong understanding of network security concepts (IP addressing, IP routing, firewalls, segmentation, Zero Trust)
Job Responsibility
Job Responsibility
  • Strategic Architecture & Governance: Architect a highly available, disaster-resilient, and scalable multi-cluster secrets management platform that serves as the foundation for the organization’s Zero Trust strategy
  • Technical Leadership: Drive consensus across Cloud Engineering, DevOps, and SRE teams to define standardized secret management workflows and integrate security patterns into the SDLC
  • Compliance & Governance: Ensure the platform design meets rigorous internal policies and external compliance frameworks (e.g., SOX, ISO 27001)
  • Policy as Code: Design and implement advanced governance controls, including Sentinel Policy as Code, to automate security guardrails and access decisions
  • Platform Engineering & Implementation: Infrastructure as Code (IaC): Lead the engineering of the Vault infrastructure using Terraform, ensuring all deployments are reproducible, version-controlled, and automated
  • Identity Integration: Architect the integration between the secrets platform, Identity Providers (Okta), and workload identities (Kubernetes Service Accounts) to establish robust machine-to-machine authentication
  • Advanced Secrets Capabilities: Configure and tune essential secrets engines (KV, Transit, KMIP) and Enterprise features (Performance Replication, Seal automation) to support diverse engineering use cases
  • Operational Excellence & Developer Enablement: Vault as a Service (VaaS): Operationalize the platform by building self-service mechanisms, distinct "paved road" onboarding procedures, and documentation that allows engineering teams to easily consume security services
  • Observability: Implement comprehensive monitoring, alerting, and audit logging to ensure platform health, provide visibility into usage patterns, and satisfy audit requirements
  • Lifecycle Management: Own the full operational lifecycle of the production environment, including patching, version upgrades, backup/restore procedures, and incident response runbooks
What we offer
What we offer
  • Industry competitive pay
  • Restricted Stock Units in a fast growing, well-funded technology company
  • Health insurance package options that include HDHP and PPO, vision, and dental for you and your dependents
  • Employer contributions to HSA accounts
  • Paid Parental Leave
  • Paid life insurance, short-term and long-term disability
  • Teladoc
  • 401(k) with a 100% match up to 4% of salary
  • Generous paid time off and holiday schedule
  • Cell phone reimbursement
  • Fulltime
Read More
Arrow Right

Senior Staff Security Infrastructure Engineer

Bloomreach is building the world’s premier agentic platform for personalization....
Location
Location
Czechia , Bratislava; Brno; Prague
Salary
Salary:
Not provided
bloomreach.com Logo
Bloomreach
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 6+ years of relevant experience
  • proficiency in cloud security, network security, URL filtering, common security frameworks, and CVE lifecycle management
  • practical IaC and scripting for automation
  • strong cross-functional and external communication
  • experience mentoring junior staff
  • hands-on cloud security for AWS and GCP: design secure architectures, perform threat modeling, apply platform-native controls, and build/validate secure IaC
  • SIEM ownership and detection engineering: deploy, configure, tune, and maintain SIEM
  • author and test detection rules and playbooks
  • integrate data sources
  • and operate with SLA-driven alerting and incident workflows
Job Responsibility
Job Responsibility
  • owns current and target-state data architectures and reporting
  • designing, implementing, and monitoring cloud (AWS/GCP) infrastructure security controls
  • deploying, securing, configuring, and operating SIEM and other security resources
  • identifying, triaging, and remediating infrastructure and web vulnerabilities
  • leading incident triage and external-researcher engagement
  • mentoring junior staff
What we offer
What we offer
  • A great deal of freedom and trust
  • flexible working hours
  • virtual-first work with several Bloomreach Hubs
  • company events
  • 5 paid days off to volunteer
  • People Development Program
  • communication coach available
  • Leader Development Program
  • $1,500 professional education budget annually
  • Employee Assistance Program with counselors
  • Fulltime
Read More
Arrow Right

Senior Staff Security Infrastructure Engineer

Bloomreach is building the world’s premier agentic platform for personalization....
Location
Location
Slovakia , Bratislava; Brno; Prague
Salary
Salary:
5000.00 EUR / Month
bloomreach.com Logo
Bloomreach
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 6+ years of relevant experience
  • proficiency in cloud security, network security, URL filtering, common security frameworks, and CVE lifecycle management
  • practical IaC and scripting for automation
  • strong cross-functional and external communication
  • experience mentoring junior staff
  • Hands-on cloud security for AWS and GCP: design secure architectures, perform threat modeling, apply platform-native controls, and build/validate secure IaC
  • SIEM ownership and detection engineering: deploy, configure, tune, and maintain SIEM
  • author and test detection rules and playbooks
  • integrate data sources
  • and operate with SLA-driven alerting and incident workflows
Job Responsibility
Job Responsibility
  • Owns current and target-state data architectures and reporting
  • designing, implementing, and monitoring cloud (AWS/GCP) infrastructure security controls
  • deploying, securing, configuring, and operating SIEM and other security resources
  • identifying, triaging, and remediating infrastructure and web vulnerabilities
  • leading incident triage and external-researcher engagement
  • and mentoring junior staff
What we offer
What we offer
  • Restricted stock units
  • company performance bonus
  • great deal of freedom and trust
  • flexible working hours
  • work virtual-first
  • company events
  • 5 paid days off to volunteer
  • People Development Program
  • communication coach available
  • Leader Development Program
  • Fulltime
Read More
Arrow Right

Staff+ Software Engineer, Security Infrastructure

The Verkada Security Team is a software engineering team at its core- we build t...
Location
Location
United States , San Mateo
Salary
Salary:
200000.00 - 300000.00 USD / Year
verkada.com Logo
Verkada
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor of Science in Computer Science degree or equivalent
  • 7+ years of experience as a software engineer that has worked on security problems
  • interest in security weaknesses, attacks, and mitigations
  • experience leveraging AI as you build
  • excellent collaborative skills
  • outstanding written and verbal communication
  • must be willing and able to work onsite five days per week
Job Responsibility
Job Responsibility
  • Scale Verkada’s security in the SDLC through automation, libraries, tools and frameworks
  • write code in a variety of technology stacks and collaborate with engineering teams
  • lead initiatives to eliminate classes of vulnerabilities from Verkada
  • build tools to make it easy for Verkada’s software engineers to do the right thing for security
  • leverage AI to automate Verkada’s security engineering practices
  • collaborate with other engineering leaders to define, communicate, and execute on security goals, priorities and process
  • collaborate with the CISO and security team to grow the broader Verkada security and privacy programs
  • share your security experience with other teams internally and externally via security conferences, presentations, blogs and open source
What we offer
What we offer
  • Healthcare programs - Premiums are 100% covered for the employee under at least one plan and 80% for family premiums under all plans
  • Nationwide medical, vision and dental coverage
  • Health Saving Account (HSA) with annual employer contributions and Flexible Spending Account (FSA) with tax saving options
  • Expanded mental health support
  • Paid parental leave policy & fertility benefits
  • Time off through our paid holidays, firmwide extended holidays, flexible PTO and personal sick time
  • Professional development stipend
  • Fertility Stipend
  • Wellness/fitness benefits
  • Healthy lunches provided daily
  • Fulltime
Read More
Arrow Right

Staff Software Engineer - Security Infrastructure

We enable Plaid to quickly build safe and secure products while ensuring that Pl...
Location
Location
United States
Salary
Salary:
172368.00 - 370800.00 USD / Year
plaid.com Logo
Plaid
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Strong Software Engineering skills: 8+ years of experience building distributed systems, backend services, or infrastructure
  • You are "security-curious": understand the fundamentals of security (encryption, auth protocols like OIDC/OAuth, network security)
  • You think at a system-level: can visualize complex dependencies and design solutions that work across dozens of microservices
  • You are a Partner: can communicate complex security requirements to product managers and engineers with empathy and clarity
Job Responsibility
Job Responsibility
  • Design & Code: Write high-quality, scalable code to enhance product security or support security functions
  • Architect: Lead the technical design of complex, cross-functional security systems
  • Consult & Embed: Act as a security subject matter expert for other engineering teams
  • Operate: Own your systems in production
  • Innovate: Contribute to the broader security industry
  • Fulltime
Read More
Arrow Right
New

Staff Security Engineer, Enterprise Security Architecture

Aurora’s mission is to deliver the benefits of self-driving technology safely, q...
Location
Location
United States , Detroit
Salary
Salary:
171000.00 - 273000.00 USD / Year
aurora.tech Logo
Aurora Innovation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10+ years of professional experience in Information Security, Enterprise Architecture, Security Engineering, or related technical leadership capacities
  • 5+ years specifically focused on designing enterprise-scale security architectures across diverse domains, including endpoint, network, infrastructure, vulnerability management, resilience, and enterprise platforms
  • Demonstrated success in developing enterprise security architecture strategies, reference architectures, and scalable technical standards
  • Extensive technical depth in Zero Trust principles, enterprise security frameworks, and modern backend or enterprise security architecture design patterns
  • Comprehensive knowledge of core enterprise security domains, including endpoint security, network security, PKI, enterprise vulnerability management, resilience, data protection, and governance integration
  • Proven ability to translate governance, compliance, and strategic business requirements into actionable technical architecture and implementation guidance
  • Experience representing security interests within architecture review boards, governance committees, or enterprise-wide design councils
  • Advanced familiarity with enterprise infrastructure, SaaS ecosystems, internal platforms, and the strategic integration of security tooling
  • Adept at evaluating technical tradeoffs, identifying scalability constraints, and assessing the long-term implications of enterprise security architecture decisions
  • Exceptional documentation skills, including the creation of detailed architecture diagrams, technical standards, and strategic narratives for executive leadership
Job Responsibility
Job Responsibility
  • Define and champion Aurora’s enterprise security architecture strategy, roadmap, and target-state operating model across enterprise and backend operational security domains
  • Develop enterprise security reference architectures, design patterns, and technical standards for endpoint security, network security, infrastructure security, enterprise vulnerability management, data protection, resilience, enterprise platforms, and security tooling
  • Translate security strategy, governance requirements, and business priorities into scalable technical architecture and implementation guidance
  • Partner with GRC to operationalize security policies, standards, and control objectives into practical enterprise security architectures
  • Support and influence Aurora’s broader Enterprise Architecture Committee by representing enterprise security priorities, technical standards, and strategic design principles
  • Participate in architecture review boards, design committees, and strategic planning forums to ensure enterprise security alignment across major initiatives
  • Architect secure solutions for workforce platforms, enterprise systems, internal infrastructure, and backend operational ecosystems using Zero Trust principles and modern security frameworks
  • Guide enterprise security design for endpoint security, network security, PKI, enterprise vulnerability management, BCP/DR, data security, enterprise infrastructure, and security tooling modernization
  • Provide architectural oversight for major enterprise security initiatives, ensuring scalability, interoperability, governance alignment, and reduced fragmentation
  • Partner with Security Engineering, GRC, Cloud Security, IT, Product Security, and IAM teams to align technical security capabilities while maintaining clear domain boundaries
What we offer
What we offer
  • Annual bonus
  • Equity compensation
  • Benefits
  • Fulltime
Read More
Arrow Right