We are a fast-growing startup building scalable, secure, and resilient systems to power the next wave of innovation. As an early team member, you'll play a critical role in shaping our infrastructure and security practices, ensuring we build for scale while keeping customer trust and data protection at the core.
Role Overview
We are seeking a Security & Infrastructure Engineer with hands-on experience in cloud infrastructure, DevOps, and security best practices. This role is ideal for someone who thrives in early-stage or scaled startup environments, enjoys ownership, and wants to grow with the company as we scale.
Key Responsibilities
- Design, implement, and manage cloud infrastructure (AWS, GCP, or Azure) for high availability and scalability.
- Establish and maintain infrastructure security controls (IAM policies, secrets management, access controls, monitoring).
- Build CI/CD pipelines and automate deployment workflows to improve developer productivity.
- Conduct vulnerability assessments, threat modeling, and incident response to safeguard systems.
- Implement logging, monitoring, and alerting frameworks to ensure observability and proactive issue resolution.
- Partner with engineering teams to embed security best practices into product development.
- Drive compliance readiness (SOC2, ISO27001, GDPR) through security automation and documentation.
Requirements
- 25 years of hands-on experience in DevOps, cloud infrastructure, or security engineering roles.
- Strong expertise in AWS/GCP/Azure (at least one major cloud platform).
- Experience with Terraform / Ansible / Kubernetes / Docker.
- Familiarity with networking, firewalls, VPNs, and endpoint security.
- Proficiency with monitoring & logging tools (Datadog, Prometheus, ELK, CloudWatch, etc.).
- Experience with CI/CD pipelines (GitHub Actions, GitLab CI, Jenkins).
- Strong knowledge of security fundamentals (encryption, IAM, vulnerability management).
- Prior startup experience (scaled or early-stage) preferred comfortable wearing multiple hats and driving outcomes independently.
Nice-to-Have
- Exposure to zero-trust architectures.
- Familiarity with compliance frameworks (SOC2, ISO, HIPAA, GDPR).
- Experience responding to security incidents in production environments.
- Knowledge of scripting (Python, Bash, Go, etc.) for automation.
