Modal21.04.2026

Infrastructure Security Engineer

Полная занятостьNew York

Обязанности

  • 01Design and improve isolation mechanisms for multi-tenant workloads (containers, sandboxing, execution environments)
  • 02Strengthen boundaries between customers, workloads, and internal systems
  • 03Identify and mitigate risks in distributed, dynamic compute environments
  • 04Secure and harden containerized workloads and orchestration systems (e.g., Kubernetes or similar)
  • 05Improve workload isolation, scheduling boundaries, and runtime protections
  • 06Evaluate tradeoffs in multi-tenant execution models
  • 07Design and improve authentication and authorization systems across services
  • 08Implement strong service-to-service identity and least-privilege access patterns
  • 09Improve access controls across infrastructure and internal systems
  • 10Build and maintain systems for securely managing secrets, tokens, and credentials
  • 11Improve rotation, auditing, and access controls
  • 12Reduce secret sprawl and integrate secure patterns into developer workflows
  • 13Secure cloud environments across providers (AWS, GCP, etc.) with a focus on consistency and portability
  • 14Improve network boundaries, service segmentation, and access controls
  • 15Embed security into infrastructure-as-code and deployment systems
  • 16Work closely with product and infrastructure teams to design secure systems from the ground up
  • 17Review architecture and code for security risks and provide actionable guidance
  • 18Identify patterns in risks and drive cross-cutting improvements

Требования

  • 01Experience securing cloud-native infrastructure and distributed systems in production
  • 02Background in infrastructure, backend, or security engineering
  • 03Experience working in multi-tenant or high-scale environments
  • 04Strong understanding of containerization and orchestration systems (e.g., Kubernetes or similar)
  • 05Experience designing or securing isolation mechanisms in multi-tenant systems
  • 06Solid understanding of authentication, authorization, and service identity models
  • 07Experience with secrets management and secure handling of credentials
  • 08Strong foundation in networking concepts (segmentation, service communication, access boundaries)
  • 09Builder mentality, you design and implement, not just review
  • 10Pragmatic approach to security in fast-moving environments
  • 11Comfortable working deeply with engineers and influencing system design