Distinguished Engineer, End-to-End Security Architect
Graphcore · Milpitas, CA · 1 wk ago
EngineeringFull-time
Responsibilities
- Own the end-to-end security architecture for the inference service platform, covering infrastructure, networking, APIs, operational controls, monitoring, and customer assurance.
- Define security principles, threat models, trust boundaries, tenant isolation requirements, and architectural standards for the service.
- Establish security requirements for deployment environments, including physical security, operational controls, access management, and asset protection.
- Define platform security requirements across hardware, firmware, secure boot, attestation, software integrity, and lifecycle management.
- Led the design of network and service isolation controls, secure communications, segmentation strategies, and administrative access protections.
- Own security architecture for authentication, authorisation, secrets management, encryption, key management, and data protection controls.
- Define privileged access management approaches, audit requirements, access review processes, and emergency access procedures.
- Establish logging, monitoring, telemetry, incident response, and security assurance requirements across the service lifecycle.
- Partner with engineering and operations teams to ensure security requirements are effectively implemented, maintained, and validated.
- Assess security posture against customer, contractual, regulatory, and internal requirements, managing risk-based decisions where required.
- Support customer security reviews, audits, penetration testing activities, security questionnaires, and technical assurance discussions.
- Provide technical leadership, architectural guidance, mentoring, and design review expertise across multiple teams and disciplines.
Qualifications
- Advanced degree in Computer Science, Computer Engineering, Cybersecurity, Electrical Engineering, or a related technical discipline, or equivalent practical experience.
- Significant experience in security architecture, platform security, cloud security, infrastructure security, or large-scale service security.
- Demonstrated experience defining and owning security architecture for customer-facing platforms, infrastructure services, or large-scale production environments.
- Deep understanding of threat modelling, zero-trust principles, tenant isolation, privileged access management, cryptographic controls, and secure operations.
- Strong knowledge of platform security technologies including trusted execution mechanisms, secure boot, attestation, firmware integrity, and supply-chain security concepts.
- Experience defining security requirements for data centre deployments, operational environments, and physical security controls.
- Expertise in network security architecture, segmentation, management-plane protection, secure communications, monitoring, and access control.
- Experience with key management, secrets management, certificate lifecycle management, and encryption technologies.
- Experience securing APIs, deployment pipelines, service control planes, and operational tooling.
- Strong understanding of logging, monitoring, incident response, security operations, and evidence management practices.
- Experience supporting customer security reviews, audits, penetration testing activities, and executive-level security discussions.
- Excellent communication and stakeholder management skills, with the ability to influence technical and non-technical audiences.
- Proven ability to lead through influence across engineering, security, operations, compliance, and customer-facing teams.