Lead Security Engineer (AI)

TL;DR

Lead Security Engineer (AI/Infra): Designing and operating security architecture for cloud and research environments with an accent on identity systems, secrets management, and CI/CD hardening. Focus on building automated security controls, leading incident response, and securing AI/ML research infrastructure.

Location: On-site in Menlo Park, California

Company

AI + physical sciences lab building state-of-the-art models to make novel scientific discoveries.

What you will do

• Own security architecture across cloud, Kubernetes, internal services, and research infrastructure.
• Design and operate identity and access systems including SSO, MFA, RBAC, and SCIM lifecycle automation.
• Build and improve secrets management and secure service-to-service authentication flows.
• Harden software delivery and developer workflows, including CI/CD and dependency security.
• Lead threat modeling, risk assessments, and incident response capabilities across the environment.
• Partner with infra and lab engineering on network segmentation, firewall policy, and secure device-to-cloud patterns.

Requirements

• Experience building and operating security controls in AWS, GCP, or Azure and Kubernetes-based environments.
• Strong hands-on engineering skills with Python, Bash, and Terraform.
• Proficiency with identity systems such as Okta or Entra, and protocols like SAML and OIDC.
• Experience with secure SDLC, supply chain controls, and CI hardening.
• Knowledge of Linux and network security fundamentals, including DNS, firewalls, and VPNs.
• Ability to drive cross-functional security work and balance security with engineering velocity.

Nice to have

• Experience securing AI, ML, or research infrastructure.
• Experience securing mixed on-prem and cloud environments or physical device integration.
• Knowledge of runtime security, eBPF, admission control, or policy-as-code.
• Experience translating enterprise security requirements into practical engineering controls.