CrawlJobs Logo

Staff Infrastructure Security Engineer

United States, San Francisco 210000.00 - 265000.00 USD / Year · Job Posted February 21, 2026
Apply Position
Job Link Share

Job Description

Crusoe’s mission is to accelerate the abundance of energy and intelligence. We’re seeking a Staff Infrastructure Security Engineer to secure the foundations of Crusoe Cloud, our purpose-built compute platform for AI and high-performance workloads. This role focuses on designing and embedding security controls directly into our global infrastructure, enabling customers to train advanced models within a trusted, secure-by-default environment. You’ll operate at the intersection of infrastructure, security, and reliability; architecting identity, network, and cloud security systems that scale with a high-growth cloud provider.

Job Responsibility

  • Architecting security controls across compute, networking, and storage layers of a global cloud platform
  • Championing Infrastructure-as-Code (IaC) standards (e.g., Terraform) to enforce secure defaults, immutability, and drift detection
  • Building automated security guardrails embedded directly into CI/CD and deployment pipelines
  • Collaborating on a centralized Vault-as-a-Platform service to manage secrets, encryption keys, and internal PKI
  • Designing and operating certificate lifecycles (X.509, SSH) to support secure machine-to-machine trust
  • Driving adoption of short-lived, Just-In-Time (JIT) access models to reduce standing privileges and improve auditability
  • Securing core network foundations, including global DNS architecture, service discovery, and network authentication systems
  • Designing and maintaining authentication controls for network infrastructure to ensure secure, monitored access
  • Partnering closely with infrastructure, platform, and SRE teams to identify and remediate security gaps in foundational systems

Requirements

  • 8+ years of hands-on experience in infrastructure engineering, SRE, or security engineering
  • Deep understanding of security principles across the stack, from Linux and container runtimes to cloud control planes
  • Proven experience using Infrastructure-as-Code (Terraform) to manage complex, multi-environment infrastructure at scale
  • Strong knowledge of cryptography, secrets management, PKI, and modern authentication standards
  • Experience securing public cloud (AWS, GCP) and/or bare-metal environments
  • Strong networking fundamentals, including routing, segmentation, firewalls, and Zero Trust architectures
  • Hands-on experience with Kubernetes and container security, including secure secrets injection into microservices
  • Fluency in at least one programming language (Go or Python preferred) for automation and tooling

Nice to have

  • Experience building or operating internal security platforms (e.g., Vault-as-a-Service)
  • Background securing high-scale cloud or AI infrastructure
  • Experience implementing Zero Trust identity architectures end-to-end
  • Familiarity with bare-metal provisioning and data center security considerations

What we offer

  • Bonus
  • Restricted Stock Units

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Similar Jobs for

Staff Infrastructure Security Engineer

8 matching positions

Staff Infrastructure Security Engineer

We’re seeking a Staff Infrastructure Security Engineer to architect and operatio...
Location
Location
United States , San Francisco; Bellevue; Sunnyvale; Denver
Salary
Salary:
210000.00 - 265000.00 USD / Year
crusoe.ai Logo
Crusoe
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 8+ years of hands-on experience in cloud security, DevOps, or infrastructure engineering
  • Deep, production-grade experience deploying and operating HashiCorp Vault in enterprise environments (Enterprise edition strongly preferred)
  • Expert knowledge of secrets management, cryptography, PKI/X.509 certificate authorities, and trust systems
  • Strong experience with Google Cloud Platform (GCP) and cloud-native IAM models
  • Proven expertise using Infrastructure-as-Code tools (Terraform) to automate security platforms
  • Hands-on experience with Kubernetes and securely integrating secrets into microservices architectures
  • Fluency in at least one programming language (Go or Python preferred) for automation and tooling
  • Strong understanding of network security fundamentals, including segmentation, firewalls, routing, and Zero Trust concepts
Job Responsibility
Job Responsibility
  • Architecting a highly available, disaster-resilient, multi-cluster secrets management platform as the foundation of our Zero Trust strategy
  • Driving Vault from PoC to enterprise-grade production, establishing standards, reliability, and scalability
  • Leading cross-functional alignment with Cloud Engineering, DevOps, and SRE teams on secure secret management workflows embedded into the SDLC
  • Designing and enforcing governance controls to meet internal policies and external compliance requirements (e.g., SOX, ISO 27001)
  • Implementing Policy as Code using Sentinel to automate guardrails and access decisions
  • Engineering Vault infrastructure using Terraform with fully automated, reproducible, and version-controlled deployments
  • Architecting integrations between Vault, identity providers (e.g., Okta), and workload identities (e.g., Kubernetes Service Accounts)
  • Configuring and tuning core Vault secrets engines (KV, Transit, KMIP) and Enterprise features such as performance replication and automated sealing
  • Operationalizing “Vault as a Service” through paved-road onboarding, self-service workflows, and clear developer documentation
  • Building observability across the platform, including monitoring, alerting, audit logging, and usage insights
What we offer
What we offer
  • Industry competitive pay
  • Restricted Stock Units in a fast growing, well-funded technology company
  • Health insurance package options that include HDHP and PPO, vision, and dental for you and your dependents
  • Employer contributions to HSA accounts
  • Paid Parental Leave
  • Paid life insurance, short-term and long-term disability
  • Teladoc
  • 401(k) with a 100% match up to 4% of salary
  • Generous paid time off and holiday schedule
  • Cell phone reimbursement
  • Fulltime
Read More
Arrow Right

Staff Infrastructure Security Engineer

We're building security systems for medical technology that handles sensitive da...
Location
Location
Australia , Sydney
Salary
Salary:
Not provided
heidihealth.com Logo
Heidi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Comfortable owning ambiguous problems end-to-end, from threat modelling to design to implementation to rollout
  • Strong domain understanding of cloud, identity, and networking fundamentals and how they fail in practice
  • Able to build durable systems: automated controls, paved paths, and reliable feedback loops
  • Works independently with stakeholders, aligns on trade-offs, and drives decisions without needing constant direction
  • Raises the bar for engineering teams by teaching patterns, writing clear docs, and improving defaults
Job Responsibility
Job Responsibility
  • Design and implement identity, network, and platform controls that reduce risk while keeping delivery fast
  • Build scalable security guardrails for infrastructure changes through infrastructure-as-code and delivery pipelines (policy checks, safe defaults, automated verification)
  • Improve service-to-service security patterns (workload identity, service authentication, secrets usage) in partnership with platform and application teams
  • Strengthen data and storage controls (encryption, key management, backup and recovery security, database hardening)
  • Reduce infrastructure attack vectors through hardening, configuration baselines, and continuous posture assessment
  • Improve supply chain integrity for infrastructure artefacts (build provenance, dependency and image integrity, SBOMs)
  • Contribute to the wider security program by turning requirements into platform capabilities and paved paths that teams can adopt with minimal friction
What we offer
What we offer
  • Flexible hybrid working environment, with 3 days in the office
  • A generous personal development budget of $500 per annum
  • Learn from some of the best engineers and creatives, joining a diverse team
  • Become an owner, with shares (equity) in the company, if Heidi wins, we all win
  • The rare chance to create a global impact as you immerse yourself in one of Australia’s leading healthtech startups
  • If you have an impact quickly, the opportunity to fast track your startup career
  • Fulltime
Read More
Arrow Right

Staff Infrastructure Security Engineer

Crusoe's mission is to accelerate the abundance of energy and intelligence. We’r...
Location
Location
United States , San Francisco; Bellevue; Sunnyvale; Denver
Salary
Salary:
Not provided
crusoe.ai Logo
Crusoe
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 6+ years (or equivalent) hands-on experience in cloud security, DevOps, or infrastructure engineering
  • Deep expertise and proven track record deploying and managing HashiCorp Vault in an enterprise environment (experience with the Enterprise edition is highly preferred)
  • Expert-level knowledge of Secrets Management, X.509 PKI (Public Key Infrastructure), Certificate Authority Operations, and Cryptography concepts
  • Strong experience with Google Cloud Platform (GCP) and cloud native identity and access management (IAM)
  • Proficiency with Infrastructure as Code (IaC) tools, especially Terraform, for automating the deployment and configuration of Vault and its dependent infrastructure
  • Fluent in at least one programming language (ideally Go or Python)
  • Demonstrable experience with Kubernetes and container security principles, especially integrating secrets into microservices architectures
  • Strong understanding of network security concepts (IP addressing, IP routing, firewalls, segmentation, Zero Trust)
Job Responsibility
Job Responsibility
  • Strategic Architecture & Governance: Architect a highly available, disaster-resilient, and scalable multi-cluster secrets management platform that serves as the foundation for the organization’s Zero Trust strategy
  • Technical Leadership: Drive consensus across Cloud Engineering, DevOps, and SRE teams to define standardized secret management workflows and integrate security patterns into the SDLC
  • Compliance & Governance: Ensure the platform design meets rigorous internal policies and external compliance frameworks (e.g., SOX, ISO 27001)
  • Policy as Code: Design and implement advanced governance controls, including Sentinel Policy as Code, to automate security guardrails and access decisions
  • Platform Engineering & Implementation: Infrastructure as Code (IaC): Lead the engineering of the Vault infrastructure using Terraform, ensuring all deployments are reproducible, version-controlled, and automated
  • Identity Integration: Architect the integration between the secrets platform, Identity Providers (Okta), and workload identities (Kubernetes Service Accounts) to establish robust machine-to-machine authentication
  • Advanced Secrets Capabilities: Configure and tune essential secrets engines (KV, Transit, KMIP) and Enterprise features (Performance Replication, Seal automation) to support diverse engineering use cases
  • Operational Excellence & Developer Enablement: Vault as a Service (VaaS): Operationalize the platform by building self-service mechanisms, distinct "paved road" onboarding procedures, and documentation that allows engineering teams to easily consume security services
  • Observability: Implement comprehensive monitoring, alerting, and audit logging to ensure platform health, provide visibility into usage patterns, and satisfy audit requirements
  • Lifecycle Management: Own the full operational lifecycle of the production environment, including patching, version upgrades, backup/restore procedures, and incident response runbooks
What we offer
What we offer
  • Industry competitive pay
  • Restricted Stock Units in a fast growing, well-funded technology company
  • Health insurance package options that include HDHP and PPO, vision, and dental for you and your dependents
  • Employer contributions to HSA accounts
  • Paid Parental Leave
  • Paid life insurance, short-term and long-term disability
  • Teladoc
  • 401(k) with a 100% match up to 4% of salary
  • Generous paid time off and holiday schedule
  • Cell phone reimbursement
  • Fulltime
Read More
Arrow Right

Senior Staff Security Infrastructure Engineer

Bloomreach is building the world’s premier agentic platform for personalization....
Location
Location
Czechia , Bratislava; Brno; Prague
Salary
Salary:
Not provided
bloomreach.com Logo
Bloomreach
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 6+ years of relevant experience
  • proficiency in cloud security, network security, URL filtering, common security frameworks, and CVE lifecycle management
  • practical IaC and scripting for automation
  • strong cross-functional and external communication
  • experience mentoring junior staff
  • hands-on cloud security for AWS and GCP: design secure architectures, perform threat modeling, apply platform-native controls, and build/validate secure IaC
  • SIEM ownership and detection engineering: deploy, configure, tune, and maintain SIEM
  • author and test detection rules and playbooks
  • integrate data sources
  • and operate with SLA-driven alerting and incident workflows
Job Responsibility
Job Responsibility
  • owns current and target-state data architectures and reporting
  • designing, implementing, and monitoring cloud (AWS/GCP) infrastructure security controls
  • deploying, securing, configuring, and operating SIEM and other security resources
  • identifying, triaging, and remediating infrastructure and web vulnerabilities
  • leading incident triage and external-researcher engagement
  • mentoring junior staff
What we offer
What we offer
  • A great deal of freedom and trust
  • flexible working hours
  • virtual-first work with several Bloomreach Hubs
  • company events
  • 5 paid days off to volunteer
  • People Development Program
  • communication coach available
  • Leader Development Program
  • $1,500 professional education budget annually
  • Employee Assistance Program with counselors
  • Fulltime
Read More
Arrow Right

Senior Staff Security Infrastructure Engineer

Bloomreach is building the world’s premier agentic platform for personalization....
Location
Location
Slovakia , Bratislava; Brno; Prague
Salary
Salary:
5000.00 EUR / Month
bloomreach.com Logo
Bloomreach
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 6+ years of relevant experience
  • proficiency in cloud security, network security, URL filtering, common security frameworks, and CVE lifecycle management
  • practical IaC and scripting for automation
  • strong cross-functional and external communication
  • experience mentoring junior staff
  • Hands-on cloud security for AWS and GCP: design secure architectures, perform threat modeling, apply platform-native controls, and build/validate secure IaC
  • SIEM ownership and detection engineering: deploy, configure, tune, and maintain SIEM
  • author and test detection rules and playbooks
  • integrate data sources
  • and operate with SLA-driven alerting and incident workflows
Job Responsibility
Job Responsibility
  • Owns current and target-state data architectures and reporting
  • designing, implementing, and monitoring cloud (AWS/GCP) infrastructure security controls
  • deploying, securing, configuring, and operating SIEM and other security resources
  • identifying, triaging, and remediating infrastructure and web vulnerabilities
  • leading incident triage and external-researcher engagement
  • and mentoring junior staff
What we offer
What we offer
  • Restricted stock units
  • company performance bonus
  • great deal of freedom and trust
  • flexible working hours
  • work virtual-first
  • company events
  • 5 paid days off to volunteer
  • People Development Program
  • communication coach available
  • Leader Development Program
  • Fulltime
Read More
Arrow Right

Staff+ Software Engineer, Security Infrastructure

The Verkada Security Team is a software engineering team at its core- we build t...
Location
Location
United States , San Mateo
Salary
Salary:
200000.00 - 300000.00 USD / Year
verkada.com Logo
Verkada
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor of Science in Computer Science degree or equivalent
  • 7+ years of experience as a software engineer that has worked on security problems
  • interest in security weaknesses, attacks, and mitigations
  • experience leveraging AI as you build
  • excellent collaborative skills
  • outstanding written and verbal communication
  • must be willing and able to work onsite five days per week
Job Responsibility
Job Responsibility
  • Scale Verkada’s security in the SDLC through automation, libraries, tools and frameworks
  • write code in a variety of technology stacks and collaborate with engineering teams
  • lead initiatives to eliminate classes of vulnerabilities from Verkada
  • build tools to make it easy for Verkada’s software engineers to do the right thing for security
  • leverage AI to automate Verkada’s security engineering practices
  • collaborate with other engineering leaders to define, communicate, and execute on security goals, priorities and process
  • collaborate with the CISO and security team to grow the broader Verkada security and privacy programs
  • share your security experience with other teams internally and externally via security conferences, presentations, blogs and open source
What we offer
What we offer
  • Healthcare programs - Premiums are 100% covered for the employee under at least one plan and 80% for family premiums under all plans
  • Nationwide medical, vision and dental coverage
  • Health Saving Account (HSA) with annual employer contributions and Flexible Spending Account (FSA) with tax saving options
  • Expanded mental health support
  • Paid parental leave policy & fertility benefits
  • Time off through our paid holidays, firmwide extended holidays, flexible PTO and personal sick time
  • Professional development stipend
  • Fertility Stipend
  • Wellness/fitness benefits
  • Healthy lunches provided daily
  • Fulltime
Read More
Arrow Right
New

Staff Security Engineer, Enterprise Security Architecture

Aurora’s mission is to deliver the benefits of self-driving technology safely, q...
Location
Location
United States , Detroit
Salary
Salary:
171000.00 - 273000.00 USD / Year
aurora.tech Logo
Aurora Innovation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10+ years of professional experience in Information Security, Enterprise Architecture, Security Engineering, or related technical leadership capacities
  • 5+ years specifically focused on designing enterprise-scale security architectures across diverse domains, including endpoint, network, infrastructure, vulnerability management, resilience, and enterprise platforms
  • Demonstrated success in developing enterprise security architecture strategies, reference architectures, and scalable technical standards
  • Extensive technical depth in Zero Trust principles, enterprise security frameworks, and modern backend or enterprise security architecture design patterns
  • Comprehensive knowledge of core enterprise security domains, including endpoint security, network security, PKI, enterprise vulnerability management, resilience, data protection, and governance integration
  • Proven ability to translate governance, compliance, and strategic business requirements into actionable technical architecture and implementation guidance
  • Experience representing security interests within architecture review boards, governance committees, or enterprise-wide design councils
  • Advanced familiarity with enterprise infrastructure, SaaS ecosystems, internal platforms, and the strategic integration of security tooling
  • Adept at evaluating technical tradeoffs, identifying scalability constraints, and assessing the long-term implications of enterprise security architecture decisions
  • Exceptional documentation skills, including the creation of detailed architecture diagrams, technical standards, and strategic narratives for executive leadership
Job Responsibility
Job Responsibility
  • Define and champion Aurora’s enterprise security architecture strategy, roadmap, and target-state operating model across enterprise and backend operational security domains
  • Develop enterprise security reference architectures, design patterns, and technical standards for endpoint security, network security, infrastructure security, enterprise vulnerability management, data protection, resilience, enterprise platforms, and security tooling
  • Translate security strategy, governance requirements, and business priorities into scalable technical architecture and implementation guidance
  • Partner with GRC to operationalize security policies, standards, and control objectives into practical enterprise security architectures
  • Support and influence Aurora’s broader Enterprise Architecture Committee by representing enterprise security priorities, technical standards, and strategic design principles
  • Participate in architecture review boards, design committees, and strategic planning forums to ensure enterprise security alignment across major initiatives
  • Architect secure solutions for workforce platforms, enterprise systems, internal infrastructure, and backend operational ecosystems using Zero Trust principles and modern security frameworks
  • Guide enterprise security design for endpoint security, network security, PKI, enterprise vulnerability management, BCP/DR, data security, enterprise infrastructure, and security tooling modernization
  • Provide architectural oversight for major enterprise security initiatives, ensuring scalability, interoperability, governance alignment, and reduced fragmentation
  • Partner with Security Engineering, GRC, Cloud Security, IT, Product Security, and IAM teams to align technical security capabilities while maintaining clear domain boundaries
What we offer
What we offer
  • Annual bonus
  • Equity compensation
  • Benefits
  • Fulltime
Read More
Arrow Right

Staff Enterprise Security Engineer, AI Security

As a Staff Enterprise Security Engineer, you will be a technical leader within t...
Location
Location
Ireland
Salary
Salary:
Not provided
stytch.com Logo
Stytch
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 7+ years of experience in security engineering or infrastructure security
  • 2+ years of experience leading teams in a technical capacity or leading technical risk analysis in an enterprise environment
  • Expertise in cloud security (AWS, GCP) and container security (Kubernetes)
  • Proven track record of designing and deploying complex security systems at scale
  • Strong proficiency in programming languages such as Python, Go, or Java
Job Responsibility
Job Responsibility
  • Design and implement secure reference architectures for Enterprise AI platforms that secures every Twilion’s engagement with them, ensuring data integrity, regulatory compliance, and resilience against evolving AI threats
  • Establish a definitive framework for AI vetting, driving the cultural and policy shifts needed to institutionalize this strategic mindset across the organization
  • Collaborate with cross functional partners to develop and set the long term roadmap for agentic AI identity and posture management, ensuring cohesive strategies for reducing risk from agentic AI use
  • Maintain and improve our enterprise security posture through high-quality code (Python, Go, or similar) and automated infrastructure management via IAC
  • Act as a technical mentor to junior engineers and a strategic advisor to leadership on the evolving AI landscape
What we offer
What we offer
  • Competitive pay
  • Generous time off
  • Ample parental and wellness leave
  • Healthcare
  • Retirement savings program
  • Fulltime
Read More
Arrow Right