Lead Security Software Engineer - Cloud & Infrastructure Security

About Our TeamAt OpenAI, security is integral to our commitment to ensuring that artificial general intelligence serves the greater good for all of humanity.The Security team plays a vital role in safeguarding OpenAI’s technology, personnel, and products. We emphasize a technical approach to our projects while maintaining operational excellence in our execution. Our guiding principles focus on driving impactful results, empowering researchers, preparing for future innovations, and fostering a strong security culture.About the PositionWe are looking for a Principal Security Engineer to strengthen our Infrastructure Security (InfraSec) team. The InfraSec team is responsible for fortifying the core of OpenAI’s research and production ecosystems, which include GPU supercomputing clusters, multi-cloud solutions, data centers, networking, storage systems, and the essential services that support our advanced AI models. This role encompasses securing everything from bare-metal hardware and firmware to Kubernetes clusters, service meshes, and access pathways for sensitive model weights and user data.As a Principal Engineer, you will establish technical direction and lead high-impact infrastructure security initiatives, collaborating with diverse teams across OpenAI to implement sustainable controls that enhance our security posture on a large scale.Key Responsibilities:Take ownership of end-to-end security outcomes for critical infrastructure sectors, including developing multi-quarter strategies, roadmaps, and execution plans.Develop and implement security controls across various layers (e.g., physical hardware, firmware/BMC, OS, Kubernetes, networks, CI/CD) to protect against advanced threats and insider risks.Lead collaborative programs to roll out security enhancements and adjustments across extensive infrastructure, ensuring a balance between security, reliability, and operational speed.Adopt a generalist perspective in developing security measures, blending specialized security knowledge with a broad technical skill set to address evolving challenges.Oversee threat modeling and design evaluations for significant infrastructure modifications, ensuring robust security foundations and operational excellence.Mentor and elevate engineers within InfraSec and partner teams, contributing to a vibrant security culture through guidance and support.

About Our TeamAt OpenAI, security is integral to our mission of ensuring that artificial general intelligence benefits all of humanity. Our Security team is dedicated to safeguarding OpenAI’s technology, personnel, and products. We take a technical approach to our builds while executing operationally, supporting every product and research initiative at OpenAI. Our core principles include focusing on impactful outcomes, empowering our researchers and developers, preparing for transformative technologies, and cultivating a strong, collaborative security culture.About the RoleWe are looking for a Principal Security Engineer to join our Infrastructure Security (InfraSec) team. InfraSec is responsible for protecting the backbone of OpenAI’s research and production environments, including GPU supercomputing clusters, multi-cloud infrastructure, data centers, networking, storage, and critical services that support our cutting-edge AI models. This role encompasses everything from bare-metal hardware and firmware to Kubernetes clusters, service meshes, and the secure data pathways that handle sensitive model weights and user information.As a Principal Security Engineer, you will define the technical vision and lead the implementation of essential foundational services, such as authentication systems, egress/ingress proxies, access brokers, and key management solutions, maintaining high standards of reliability, scalability, and software craftsmanship. These systems are crucial for ensuring security in OpenAI’s customer and supercomputing environments, especially under high-demand and adversarial conditions.Your Responsibilities:Lead the design and strategic roadmap for core security services (e.g., authentication/authorization, policy enforcement, secure proxies, key management), overseeing their journey from conception through deployment and ongoing operation.Design and develop large-scale security systems that ensure robust protections across hardware, operating systems, Kubernetes, networks, and CI/CD, while balancing security, reliability, latency, and developer usability.Collaborate with cross-functional teams in infrastructure and research engineering to orchestrate secure deployments, shaping interfaces, migration strategies, and rollout plans for extensive fleets and critical workflows.Develop and enhance security primitives (identity, attestation, authorization, encryption key lifecycle, access mediation) that serve as foundational blocks for OpenAI’s platform.Utilize cutting-edge models and agents to create automation and detection tools aimed at continuously identifying and mitigating potential threats.

About UpstartAt Upstart, we are driven by a significant mission: to drastically lower the cost and complexity of borrowing for all Americans. Every day, we harness creativity, experimentation, and cutting-edge AI to transform access to credit, empowering millions to progress financially with transparency and assurance.As the premier AI-powered lending marketplace, we collaborate with banks and credit unions to broaden access to affordable credit through technology that is both profoundly intelligent and genuinely human. Our platform executes over one million predictions per borrower by analyzing more than 1,800 signals, facilitating smarter, fairer decisions for millions of customers. The statistics only begin to reveal our impact. Every idea, every voice, and every contribution propels us towards a future where credit does not obstruct financial advancement.We proudly adopt a digital-first approach, allowing most Upstarters the flexibility to perform their best work from anywhere they flourish, collaborating with teammates across over 80 cities in the US and Canada. A digital-first culture does not imply distance; we intentionally cultivate in-person connections through team onsites, planning sessions, and moments designed to inspire creativity and trust. Whether you prefer to work primarily from home or engage in-person at one of our offices in Columbus, Austin, the Bay Area, or New York City (opening Summer 2026), you will receive the support to work in the manner that suits you best.If you are invigorated by addressing meaningful challenges, eager to innovate with intention, and motivated by work that has a substantial impact, we would love to connect with you.The TeamThe Upstart Security Team is committed to enhancing security practices to fortify the safety of our products, customers, and partners. We believe that security should empower innovation, keep pace with business, and be integrated from the ground up. Our mission is to safeguard Upstart’s products and enterprise while enabling teams to operate swiftly and safely through robust collaboration, automation, and thoughtful security design.As a Principal Security Engineer specializing in Data Security, you will play a pivotal role in defining, developing, and leading Upstart’s data security program. This highly impactful role combines deep hands-on technical execution with program leadership. You will design and implement scalable data security capabilities, influence cross-functional partners throughout the organization, and help establish a long-term strategy and accountability for how data is safeguarded at Upstart.This role is perfect for a seasoned security practitioner who thrives at the intersection of coding, architecture, and cross-functional collaboration.

Join Our Dynamic Security TeamAt OpenAI, security is integral to our mission of ensuring that artificial general intelligence serves the greater good of humanity. Our dedicated Security team safeguards our technology, personnel, and products. We pride ourselves on our technical expertise in building robust security measures while operating with a commitment to supporting all research and product initiatives at OpenAI.Our core tenets emphasize impactful prioritization, empowering researchers, preparing for transformative technologies, and fostering a vibrant security culture.Your Role as a Security EngineerWe are on the lookout for a skilled Security Engineer to bolster our Infrastructure Security (InfraSec) team. The InfraSec team is tasked with safeguarding the backbone of OpenAI’s research and production platforms, which include GPU supercomputing clusters, multi-cloud environments, data centers, networking, storage solutions, and the critical services that fuel our advanced AI models. This role encompasses a wide array of responsibilities, from hardware and firmware security to Kubernetes clusters and data access controls for sensitive model weights and user data.Key Responsibilities:Design and implement security controls across multiple layers—ranging from physical hardware and firmware to networks and CI/CD pipelines—to safeguard against sophisticated threats and insider risks.Collaborate with cross-functional engineering and security teams to deploy security enhancements and control modifications across extensive infrastructure.Lead high-impact initiatives such as checkpoint encryption, network isolation, secret management, and machine identity, while continuously elevating security standards for emerging AI workloads.Adopt a generalist mindset in building security measures, blending deep security knowledge with a broad range of technical skills to meet evolving challenges.Ideal Candidate Profile:Thorough understanding of security principles, best practices, and prevalent vulnerabilities.Proactive in identifying and mitigating security gaps or inefficiencies through automation and innovative tooling.Proven success in delivering scalable security solutions and driving impactful changes across real-world infrastructure projects.In-depth knowledge of cloud platform security (e.g., Amazon AWS, Microsoft Azure, Google Cloud).

CLEAR builds secure identity technology for both digital and physical spaces. With more than 38 million members and a growing global partner network, CLEAR’s platform helps people move through airports, stadiums, workplaces, and daily routines with greater safety and ease. Role Overview The Senior Security Engineer on the Infrastructure Security Engineering (ISE) team protects CLEAR’s core platforms. This position focuses on cloud security, identity management, and endpoint controls. The work centers on AWS and Kubernetes environments, using infrastructure-as-code to scale and automate security practices. What You Will Do Strengthen security across AWS and Kubernetes infrastructure Develop and implement security controls using infrastructure-as-code Work closely with Engineering, CorpIT, and Security teams to make security a default part of CLEAR’s systems Location This role is based in New York, New York, United States.

Role Overview mercor is hiring a Cloud Infrastructure Security Engineer in San Francisco. This role focuses on protecting cloud systems, maintaining data integrity, and applying security protocols to guard against new threats. Collaboration with cross-functional teams is central to designing and maintaining secure cloud environments.

Join Our TeamAt OpenAI, we believe in the transformative potential of artificial general intelligence for the benefit of humanity. Our dedicated Security team is pivotal in safeguarding this mission by protecting our technology, people, and products. We take a technical approach in our creations while executing operationally, supporting every product and research initiative at OpenAI. Our core principles include prioritizing impactful solutions, empowering researchers and developers, preparing for groundbreaking technologies, and cultivating a collaborative security culture.Your RoleWe are on the lookout for a passionate Security Software Engineer to become a vital member of our Infrastructure Security (InfraSec) team.InfraSec is responsible for the protection of OpenAI’s critical research and production environments, including GPU supercomputing clusters, multi-cloud infrastructure, data centers, networking, storage, and essential services that drive our cutting-edge AI models. Our responsibilities encompass everything from bare-metal hardware and firmware to Kubernetes clusters, service meshes, and the secure data pathways that manage sensitive model weights and user information.In this role, you will design and create essential foundational services, such as authentication systems, egress and ingress proxies, access brokers, and key management platforms. These systems are expected to meet high standards for reliability, scalability, and software craftsmanship, forming the security backbone of OpenAI’s supercomputing setup while remaining resilient against intense scale and potential adversarial threats.Key ResponsibilitiesArchitect and implement production-grade security services (e.g., authentication services, access brokers, secure proxies, key management infrastructure) ensuring robust security across hardware, operating systems, Kubernetes, networks, and CI/CD pipelines.Collaborate with infrastructure and research engineers to integrate security into high-performance compute clusters, enabling swift model training and deployment without compromising safety.Develop automation and detection tools to proactively identify and mitigate risks in expansive cloud and on-premise environments.Lead high-impact initiatives like line-speed encryption, machine identity management, and network isolation to continuously elevate security standards for advanced AI workloads.Participate in design reviews and threat modeling to ensure new systems are launched with strong security foundations.

About TraversalTraversal stands at the forefront of AI Site Reliability Engineering (SRE), trusted by leading enterprises globally to troubleshoot, remediate, and preemptively manage complex production incidents. Our mission is to liberate engineers from continuous firefighting, allowing them to channel their talents into innovative, impactful work.With deep roots in AI research, we are committed to establishing the premier AI agent lab for enterprises. Our greatest asset is our team, comprised of exceptionally skilled and kind individuals, including researchers from prestigious institutions such as MIT, Harvard, and Berkeley, alongside world-class engineers from industry leaders like Citadel Securities, Cockroach Labs, Datadog, and more. Together, we tackle one of AI's most challenging problems.The RoleAs an Infrastructure & Application Security Engineer at Traversal, you will be instrumental in constructing our security program from the ground up. This hands-on role is ideal for someone passionate about security, enthusiastic about Kubernetes, and eager to build—transforming risk into automated, measurable, and low-friction guardrails that engineers can leverage daily. You will work at the intersection of Kubernetes security, service-to-service security (including Istio Ambient), and application security for Python APIs within a multi-tenant SaaS environment, collaborating closely across engineering teams with a focus on deploying mechanisms rather than creating presentations.

Are you ready to push the boundaries of your capabilities?At Coinbase, we are committed to enhancing economic freedom around the globe. This ambitious mission requires our utmost dedication as we construct an innovative onchain platform that will redefine the global financial landscape.We are in search of a unique individual who is deeply passionate about our mission and recognizes the transformative potential of cryptocurrency and blockchain technology in modernizing the financial system. We want someone who is eager to leave a lasting impact, thrives under pressure, and seeks continuous feedback for personal and professional growth. This role calls for a problem-solver who embraces challenges head-on.Our work culture is dynamic and may not suit everyone. However, if you aspire to build the future alongside top-tier colleagues who demand excellence, there’s no better environment for you.While many positions at Coinbase are remote-first, we are not entirely remote. In-person engagement is required periodically throughout the year, as we hold team and company-wide offsites multiple times annually to nurture collaboration, connection, and alignment. Your participation is expected and fully supported.As a member of Coinbase's Infrastructure Security (InfraSec) team, you will play a pivotal role in safeguarding the core of our infrastructure and platform services. This position collaborates closely with engineering teams to design, implement, and automate advanced security solutions across intricate cloud and containerized environments. Utilizing your extensive knowledge of technologies like Kubernetes and AWS, you will act as a trusted consultant to cross-functional teams and senior leadership, influencing strategic decisions that harmonize security, scalability, and business functionality.

Join our innovative team at Xai as an Infrastructure Security Engineer. In this role, you will be instrumental in safeguarding our infrastructure, ensuring that our systems are secure against evolving threats. You will collaborate with cross-functional teams to implement security measures and best practices.

Join Palantir Technologies as a Product Infrastructure Security Engineer in New York. In this role, you will play a critical part in securing our infrastructure, ensuring that our products and services maintain the highest standards of security and reliability. You will work with top-tier engineering teams to identify vulnerabilities, implement robust security measures, and contribute to the overall security architecture of our systems.

Join Armada as a Senior Security Engineer specializing in Infrastructure. In this role, you will play a crucial part in safeguarding our systems and ensuring robust security protocols are in place across our infrastructure. Your expertise will guide our security strategies, working collaboratively with cross-functional teams to enhance our security posture and protect sensitive data.

About the Role mercor is hiring a Cloud Infrastructure Security Engineer in San Francisco or New York City. This role focuses on protecting cloud-based systems and data across the company. The engineer will design, implement, and monitor security controls to defend cloud infrastructure against threats. What You Will Do Develop and maintain security measures for cloud environments Monitor cloud infrastructure for vulnerabilities and incidents Respond to security threats and support incident investigations Work to ensure compliance with industry security standards Contribute expertise to strengthen overall security posture Location This position is based in San Francisco or New York City.

About Tailscale Tailscale is revolutionizing the way we connect on the Internet by providing software solutions that allow secure interconnections among individuals and their devices, irrespective of their location. From individual hobbyists to large multinational corporations, teams of all sizes rely on Tailscale daily to safeguard their networks and facilitate access to internal tools. We envision a future for the Internet that is secure, easy to use, and sensible, reminiscent of its earlier days. Established in 2019 and operating with a fully distributed team, we are supported by esteemed investors including Accel, CRV, Insight, Heavybit, and Uncork Capital.Job DescriptionWe are in search of a skilled Security Infrastructure Engineer to enhance our product security team. The ideal candidate will possess the ability to advance Tailscale's mission while ensuring a safer usage experience. Key skills include adaptability, collaboration with highly technical teams, and comfort with asynchronous work environments.Key ResponsibilitiesArchitect and implement security controls across various layers including cloud platforms, operating systems, Kubernetes, networks, and CI/CD pipelines to protect against advanced threats and insider risks.Enhance Tailscale’s security framework by identifying and executing opportunities for security and privacy improvements, bug fixes, and layered defense strategies throughout our codebase.Conduct audits of Tailscale’s infrastructure to uncover technical security vulnerabilities and develop mitigation strategies to address them.Provide support for engineering decisions through threat modeling and security expertise.Allocate 25-50% of your time to software development tasks in this role, alongside operational and governance security duties.

About Trail of Bits Founded in 2012 by three experienced hackers, Trail of Bits operates without outside investment and focuses on advancing cybersecurity. The company has helped protect some of the world's most at-risk organizations and devices. Combining research with practical engineering, Trail of Bits addresses complex security challenges and contributes to a deeper understanding of technology’s role in society. The team uses research-driven and custom approaches to help clients stay ahead of cyber threats. Trail of Bits also shares knowledge widely through blogs, whitepapers, newsletters, meetups, and open-source tools, supporting ongoing education for the security community. Role Overview The Principal Security Engineer serves as a key leader in the Research & Engineering division. This position influences technical direction, drives new business, leads projects, mentors colleagues, and supports company publications and outreach. Drawing on broad experience and a strong professional network, the Principal Security Engineer turns ideas into research and engineering projects that impact the industry. The role involves guiding and inspiring engineers, helping them grow their skills and networks. Acting as a company ambassador, the Principal Security Engineer contributes to the company blog and presents at conferences. This role also addresses team organization and operational issues, identifies knowledge gaps, and implements solutions. Close work with Staff Engineers on technical roadmaps, collaboration with Directors on resource planning, and support for proposal development (including writing Statements of Work and project scoping) are all part of the job. Software development responsibilities focus on Rust, C++, and Python, with occasional work in Go and Java. The Principal Security Engineer leads and collaborates with small, remote teams (typically 2–4 members) and maintains regular communication with colleagues, clients, and industry partners. Key Focus Areas Technical & Strategic Leadership: Define technical vision and oversee complex security research and engineering projects to strengthen Trail of Bits’ capabilities. Business Development: Engage with potential clients and independently manage the sales process, building relationships that generate new opportunities. Location This is a remote position based in the United States.

At StubHub, we are committed to revolutionizing the global live event experience. Our goal is to ensure that every fan—from first-time attendees to seasoned concert-goers—enjoys a seamless journey from ticket discovery to event entry. We also prioritize our sellers, whether they are individual fans or large-scale promoters, providing a secure and convenient platform for ticket sales to millions of users worldwide.About the Team:Join the StubHub Cloud & Infrastructure Security Engineering team, where we are looking for a seasoned engineer to fortify our security framework in the cloud and infrastructure sectors. The ideal candidate will have a robust background in cloud security architecture, network security, and infrastructure automation, along with knowledge of container and operating system security.

About UsAt PhysicsX, we are revolutionizing the landscape of hardware innovation by leveraging our expertise in numerical physics and our experience in Formula One. Our mission is to expedite the pace of hardware advancements akin to the rapid developments seen in software.We are developing an AI-enhanced simulation software suite aimed at transforming engineering and manufacturing across cutting-edge industries. By facilitating high-fidelity, multi-physics simulations through AI inference throughout the engineering lifecycle, PhysicsX empowers engineers to achieve unprecedented levels of optimization and automation in design, manufacturing, and operational processes. Our clientele includes top-tier innovators in Aerospace & Defense, Materials, Energy, Semiconductors, and Automotive sectors.The RoleAs our Principal Security Engineer, you will collaborate closely with engineering teams to design and implement robust secure development practices, embed security measures within our CI/CD pipeline, and guide security and design reviews.You will leverage your extensive expertise in DevSecOps, application security, and practical experience in securing web applications and APIs, all while possessing a deep understanding of contemporary development workflows. This role presents an exceptional opportunity to influence the direction of our security initiatives within a high-ownership, impactful environment.Your ResponsibilitiesDesign and integrate security tools directly into CI/CD pipelines to automate vulnerability detection and prevention, ensuring scalable 'shift-left' security.Lead threat modeling and secure design reviews for web applications, APIs, and cloud services.Manage the entire product vulnerability lifecycle, from issue triage and prioritization to remediation support, ensuring clear risk communication.Establish secure coding standards, create comprehensive playbooks, and deliver hands-on training and mentorship to foster a security-first culture across the organization.Collaborate cross-functionally with engineering teams to design and scale secure development practices throughout the software lifecycle.Engage with customers during security assessments.Your QualificationsOver 10 years of experience in security, focusing on DevSecOps and security design reviews.Hands-on expertise in secure coding, comprehensive understanding of OWASP Top 10, threat modeling, and SDLC integration.Proficiency with GitHub/GitLab, CI/CD, Infrastructure as Code (IaC), and containerized environments.Experience with deploying and utilizing SAST tools (e.g., Semgrep, Snyk).Strong development skills in Python and Go.A proven track record of balancing pragmatic security solutions with business needs.

As a Product Infrastructure Security Engineer at Palantir, you will play a pivotal role in enhancing our security infrastructure. You will work alongside talented engineers to design, build, and maintain secure systems that protect our clients' sensitive data. Your expertise will help us innovate and implement security best practices while ensuring compliance with industry standards.

Role Overview SonarSource is hiring an Infrastructure Security Engineer in Austin, Texas. This role focuses on protecting the company’s software development tools and infrastructure. The position involves working closely with teams across the organization to strengthen security practices and respond to incidents. What You Will Do Design and implement security controls for infrastructure and internal systems Work with colleagues in different departments to improve overall security Identify vulnerabilities and recommend solutions Respond to and investigate security incidents What We Look For Experience in infrastructure security or a related field Ability to assess risks and propose practical safeguards Strong communication skills for cross-team collaboration Problem-solving mindset and attention to detail