We are seeking a talented and motivated Infrastructure Security Engineer to join our security team. In this role, you will design, implement, and maintain secure cloud and hybrid infrastructure, and ensure the integrity of our cloud-native applications. The position focuses on securing critical infrastructure across multi‑cloud and hybrid environments, building secure foundations, hardening platforms at scale, and partnering closely with engineering teams so security is embedded in how we build and run systems.
Infrastructure Security Engineer at xAI
On-site - Austin, TX; New York, NY; Palo Alto, CA; Washington, D.C.
More jobs at xAISalary
USD 100,000 - 258,000
Requirements
Skills
- Bachelor's degree in Computer Science, Cybersecurity, or a related field
- 3–5 years of experience in cloud security, infrastructure security, or related roles
- Strong understanding of cloud security principles, compliance frameworks, and best practices
- Proficiency in at least one cloud platform (AWS, GCP, or Azure) and associated security services
- Proven experience securing hybrid AWS/on-premises (or multi-cloud) environments, including IAM and overall security posture
- Experience with Infrastructure as Code tools (e.g., Terraform, CloudFormation)
- Familiarity with containerization technologies and their security implications
- Knowledge of network security concepts and protocols
- Experience with scripting languages (e.g., Python, Bash) for automation and tool development
- Proactive mindset with strong ownership, critical thinking, and problem-solving skills
- Located in the SF Bay Area or willing to relocate
- Relevant security certifications (e.g., CCSP, CSSK, AWS Security Specialty)
- Deep expertise in Kubernetes and container security
- Experience with multi-cloud environments and cloud-to-cloud security
- Knowledge of CI/CD best practices and tools
- Familiarity with regulatory compliance requirements (e.g., GDPR, HIPAA, PCI DSS, NIST CSF)
- Strong proficiency with Python, Terraform, and configuration management (e.g., Puppet)
- Hands-on experience building GitHub Actions and workflows
- Experience with observability and security operations tooling (e.g., Prometheus, Grafana, CloudWatch, Karma; SIEM platforms such as Wazuh)
- Experience in building custom cloud security tools or integrations
- Interest in leveraging AI for cloud security monitoring and automation
- Contributions to open-source cloud security projects
- Experience with securing AI/ML workloads in cloud environments
- Experience in banking, money transmission, P2P payments, or similarly regulated financial platforms
Responsibilities
- Design and implement secure cloud architectures across multiple cloud platforms (e.g., AWS, GCP, Azure)
- Build and secure mission-critical applications in hybrid cloud and on-premises environments
- Develop and maintain Infrastructure as Code (IaC) templates with embedded security controls
- Assist with regular security assessments and audits of cloud infrastructure and services
- Implement and manage cloud security tools and services (e.g., CSPM, CWPP, CASB)
- Manage identities and roles effectively across cloud and hybrid environments
- Monitor and remediate infrastructure to comply with regulations and best practices (e.g., PCI, NIST CSF, GDPR, HIPAA)
- Design and implement secure container standards and automation that enable frictionless developer workflows
- Maintain Kubernetes security aligned with current best practices
- Collaborate with development teams to ensure security best practices are integrated into CI/CD pipelines
- Secure and enhance CI/CD pipelines; integrate and maintain code scanning platforms
- Monitor and respond to security events and incidents in cloud and hybrid environments
- Maintain SIEM data pipelines needed for reliable alerting
- Build, deploy, and maintain security operations infrastructure using Python, Terraform, and configuration management (e.g., Puppet)
- Develop dashboards and alerts from security metrics
- Develop and maintain cloud security policies, standards, and procedures
- Own security projects end to end: identify issues and implement solutions
- Stay current with emerging cloud security threats and mitigation strategies
Technologies
AWSGCPAzureTerraformCloudFormationKubernetesPythonBashPuppetSIEMCSPMCWPPCASBCI/CDCode scanning platformsPrometheusGrafanaCloudWatchKarmaWazuhGitHub ActionsIaC
See if your resume is ready for this job
See how our AI can optimize your resume and improve your chances for this role.