Modal21.04.2026
Infrastructure Security Engineer
Полная занятостьNew York
Обязанности
- 01Design and improve isolation mechanisms for multi-tenant workloads (containers, sandboxing, execution environments)
- 02Strengthen boundaries between customers, workloads, and internal systems
- 03Identify and mitigate risks in distributed, dynamic compute environments
- 04Secure and harden containerized workloads and orchestration systems (e.g., Kubernetes or similar)
- 05Improve workload isolation, scheduling boundaries, and runtime protections
- 06Evaluate tradeoffs in multi-tenant execution models
- 07Design and improve authentication and authorization systems across services
- 08Implement strong service-to-service identity and least-privilege access patterns
- 09Improve access controls across infrastructure and internal systems
- 10Build and maintain systems for securely managing secrets, tokens, and credentials
- 11Improve rotation, auditing, and access controls
- 12Reduce secret sprawl and integrate secure patterns into developer workflows
- 13Secure cloud environments across providers (AWS, GCP, etc.) with a focus on consistency and portability
- 14Improve network boundaries, service segmentation, and access controls
- 15Embed security into infrastructure-as-code and deployment systems
- 16Work closely with product and infrastructure teams to design secure systems from the ground up
- 17Review architecture and code for security risks and provide actionable guidance
- 18Identify patterns in risks and drive cross-cutting improvements
Требования
- 01Experience securing cloud-native infrastructure and distributed systems in production
- 02Background in infrastructure, backend, or security engineering
- 03Experience working in multi-tenant or high-scale environments
- 04Strong understanding of containerization and orchestration systems (e.g., Kubernetes or similar)
- 05Experience designing or securing isolation mechanisms in multi-tenant systems
- 06Solid understanding of authentication, authorization, and service identity models
- 07Experience with secrets management and secure handling of credentials
- 08Strong foundation in networking concepts (segmentation, service communication, access boundaries)
- 09Builder mentality, you design and implement, not just review
- 10Pragmatic approach to security in fast-moving environments
- 11Comfortable working deeply with engineers and influencing system design