C
Posted 9 hours ago
Principal Infrastructure Security Engineer
CrusoePrincipal Infrastructure Security Engineer
Perks & benefits
Education AllowanceHealth InsurancePaid Leave
Requirements
12+ years infrastructure security experience, Cloud provider or HPC background, Identity framework expertise (SPIFFE/SPIRE), Linux kernel and hypervisor knowledge, Bare-metal and BMC security experience, Coding fluency in Go, Python, Rust, or C/C++, Degree in CS or related field
Skills
GoeBPFZero Trust
About the role
About the Company
Crusoe is on a mission to accelerate the abundance of energy and intelligence. As the only vertically integrated AI infrastructure company built from the ground up, we own and operate each layer of the stack — from electrons to tokens — to power the world's most ambitious AI workloads.
Responsibilities
- Lead the architectural transition to a zero-trust network using Workload Identity (SPIFFE/SPIRE) and mTLS
- Architect and deploy Just-in-Time (JIT) access models and ephemeral credentials to eliminate static keys
- Enforce security controls across the supply chain, from firmware and BMC hardening to CI/CD build environments
- Drive technical delivery of enterprise trust features like Customer-Managed Encryption Keys (CMEK) and Secrets-as-a-Service
- Deploy host-level controls using eBPF and Falco for kernel lockdown and real-time threat detection
- Guide security architecture for SDN 2.0, secure VPC peering, and private connectivity
- Act as a trusted advisor to leadership, synthesizing systemic signals into engineering action plans
Requirements
- 12+ years of experience in infrastructure security, security architecture, or production engineering
- Significant tenure at a major cloud provider (AWS, GCP, Azure) or high-performance computing environment
- Deep expertise with identity frameworks (SPIFFE/SPIRE, OIDC, OAuth 2.0)
- Strong experience securing CI/CD pipelines and software/hardware supply chains
- Authoritative knowledge of Linux kernel internals, hypervisor isolation, and runtime integrity (eBPF, Falco)
- Experience securing bare-metal infrastructure, including BMC, TPMs, and Secure Boot
- Proficiency in Go, Python, Rust, or C/C++ for automation and prototyping
- Bachelor’s or Master’s degree in Computer Science, Computer Engineering, Cybersecurity, or related field
Preferred Qualifications
- Experience securing massive-scale GPU clusters or LLM training pipelines
- Maintainer status or major contributions to CNCF security tools or the Linux Kernel
- Experience mitigating endpoint and SaaS risks (Okta, Google Workspace)
ScoutJobs Agent
Get matches like this delivered daily
Sign up free — we'll pull jobs that fit your CV from across the web and rank them for you.
Get started — it's freePrincipal Infrastructure Security Engineer
Crusoe · San Francisco
