Infrastructure Security Engineer

We are seeking a passionate and pragmatic Infrastructure Security Engineer to join our Platform team. In this role, you’ll help design, implement, and scale security controls across a global infrastructure. You will work closely with engineers responsible for Linux, Kubernetes, CI / CD, storage, and shared compute systems to ensure that security is embedded into the foundations of how our platforms are operated and expanded.

This position is ideal for someone who enjoys solving complex infrastructure challenges through security lens. You’ll take a hands-on approach to strengthening authentication, secrets management, and access controls — while developing the tooling and automation that make secure-by-default the standard for engineering teams.

As part of a small, fast-moving group within the Platform department, you’ll directly influence the auditability, integrity, and resilience of the systems that underpin critical business operations.

Core Responsibilities

• Enhance authentication and secure identity propagation in critical systems using OIDCOAuth2, LDAP, and Kerberos protocols
• Manage and streamline PKI and TLS certificate processes, enabling secure service-toservice and user authentication across environments
• Design and implement authorization and secure access flows across the infrastructure and data technology stack
• Build automation around HashiCorp Vault for secrets lifecycle management and integration into engineering workflows
• Develop infrastructure-as-code and policy-as-code solutions to enforce access and secrets policies at scale
• Partner with Platform and Engineering teams to establish secure default configurations and benchmarks
• Contribute to documentation, RFCs, and onboarding to ensure safe and effective adoption of new security measures
• Participate in platform threat modeling and security design reviews

Skills and Experience