Principal Infrastructure Security Engineer at Crusoe - ScoutJobs - The AI-curated global job board
Skip to content
C
Posted 13 hours ago

Principal Infrastructure Security Engineer

CrusoePrincipal Infrastructure Security Engineer

Perks & benefits

Education AllowanceHealth InsurancePaid Leave

Requirements

12+ years infrastructure security experience, Cloud provider or HPC background, Identity framework expertise (SPIFFE/SPIRE), Linux kernel and hypervisor knowledge, Bare-metal and BMC security experience, Coding fluency in Go, Python, Rust, or C/C++, Degree in CS, CE, or Cybersecurity

Skills

Zero TrusteBPF

About the role

Responsibilities

  • Lead the architectural transition to a zero-trust network using Workload Identity (SPIFFE/SPIRE) and mTLS
  • Architect and deploy Just-in-Time (JIT) access models and ephemeral credentials to eliminate static keys
  • Enforce security controls across the supply chain, from firmware and BMC hardening to CI/CD build environments
  • Drive technical delivery of enterprise trust features like Customer-Managed Encryption Keys (CMEK) and Secrets-as-a-Service
  • Deploy host-level controls using eBPF and Falco for kernel lockdown and real-time threat detection
  • Guide security architecture for SDN 2.0, VPC peering, and private connectivity to ensure tenant isolation
  • Act as a technical advisor to leadership, translating systemic risks into engineering action plans

Requirements

  • 12+ years of experience in infrastructure security, security architecture, or production engineering
  • Significant tenure at a major cloud provider (AWS, GCP, Azure) or high-performance computing environment
  • Deep expertise with identity frameworks (SPIFFE/SPIRE, OIDC, OAuth 2.0) and mTLS at scale
  • Strong experience securing CI/CD pipelines and software/hardware supply chains
  • Authoritative knowledge of Linux kernel internals, hypervisor isolation, and runtime integrity (eBPF, Falco)
  • Experience securing bare-metal infrastructure, including BMC hardening, TPMs, and Secure Boot
  • Proficiency in Go, Python, Rust, or C/C++ for security automation
  • Bachelor’s or Master’s degree in Computer Science, Computer Engineering, Cybersecurity, or related field

Preferred Qualifications

  • Experience securing massive-scale GPU clusters or LLM training pipelines
  • Maintainer status or major contributions to CNCF security tools (SPIFFE/SPIRE, Falco, OPA) or the Linux Kernel
  • Experience mitigating endpoint and SaaS risks (Okta, Google Workspace)

Benefits

  • Competitive compensation and equity packages (RSUs)
  • Comprehensive health, dental, and vision insurance
  • 401(k) with up to 4% company match
  • Paid parental leave and volunteer time off
  • Professional development and tuition reimbursement
  • Daily meals allowance and commuter benefits
ScoutJobs Agent

Get matches like this delivered daily

Sign up free — we'll pull jobs that fit your CV from across the web and rank them for you.

Get started — it's free

Principal Infrastructure Security Engineer

Crusoe · San Francisco

Sign up to apply