AI Infrastructure Security Engineer
Brain Co. · Albany, New York Metropolitan Area · 2 wk ago
On-siteInformation Technology$375/hrFull-time
About the role
This is a hands-on builder role for someone who wants to build secure-by-default infrastructure from first principles and grow the function as the company scales. You'll work closely with the infrastructure team to design and implement security solutions, ensuring that the platform is protected from both internal and external threats.
Responsibilities
- Build the security foundations of our AI platform: identity, isolation, secrets management, and access control across cloud and Kubernetes environments.
- Harden infrastructure end-to-end from cloud networking and service meshes to CI/CD pipelines and the data and model pipelines powering Brain Co's AI capabilities work.
- Implement Zero Trust principles and machine identity across workloads; short-lived credentials, least-privilege access, and encrypted service communication.
- Protect customer data and the agent workloads running on our platform.
- Design secure execution environments and data access pathways for code and actions taken by agents on our systems.
- Own threat modeling across infrastructure layers—identifying and remediating risks before they become incidents.
- Own security for Brain Co's forward-deployed infrastructure — designing and hardening bespoke VPCs and customer-environment deployments where every engagement brings its own unique attack surface.
- Partner with platform, infra, product, and ML teams to ship code and infrastructure together as a true partner so engineers move fast with secure-by-default systems.
Requirements
- 5+ years of experience in security engineering, infrastructure, or SRE with hands-on experience building or securing production systems at scale.
- Fluent in cloud security fundamentals (IAM, networking, KMS, secrets, isolation) across AWS, GCP, or Azure.
- Have designed and implemented secure systems end-to-end not just reviewed them after the fact.
- Hands-on experience with Kubernetes, container security, and Linux systems.
- Think in terms of threat models, trust boundaries, and failure modes and can translate that into concrete controls.
- Enjoy building paved roads and guardrails using Infrastructure-as-Code (Terraform preferred) so the whole team moves faster safely.
- Experience with authentication and authorization systems, secrets management, and cryptography basics.
- A hands-on builder who is energized by writing code, shipping infrastructure, and partnering directly with infra and platform engineers rather than advising from the sidelines.
- Thrive in ambiguous, high-agency environments and want ownership of the infrastructure security function as it grows.
Bonus points
- Experience with ML systems or multi-tenant platform isolation.
- Familiarity with service mesh and zero-trust architectures.
- Proficiency in Go, Python, or a similar language for automation and tooling.
Qualifications
- Bachelor's degree in Computer Science, Engineering, or related field.
- Strong understanding of cloud computing, containerization, and DevOps practices.
- Experience with security tools and technologies such as AWS, GCP, Azure, and Kubernetes.
- Excellent problem-solving skills and ability to think creatively to address complex security challenges.
- Ability to work independently and as part of a team.
Skills
- Cloud security fundamentals (IAM, networking, KMS, secrets, isolation).
- Kubernetes, container security, and Linux systems.
- Zero Trust principles and machine identity.
- Authentication and authorization systems, secrets management, and cryptography basics.
- Infrastructure-as-Code (Terraform preferred).
- Service mesh and zero-trust architectures.
- Go, Python, or a similar language for automation and tooling.
Benefits
- Competitive salary plus equity.
- Daily lunches.
- Commuter benefits.
- 401(k).
- Medical, Dental, and Vision coverage.
- Unlimited PTO.