Senior Security Engineer, Platform Engineering

Firmus Technologies is seeking a Senior Security Engineer, Platform Engineering to join our AI Platforms team. You will drive the design and implementation of our platform security. You will also champion and partner with other teams to standardize security management and build internal security culture across the organization. This role is ideal for a self-starter with passion for building things from first principles. You naturally break down complex problems into their fundamental truths to uncover novel and elegant solutions—rather than relying on conventional patterns.

• Lead platform security efforts by assessing risks, hardening platforms, and ensuring secure access for cloud and on-premises systems.
• Own the security standard for Firmus Managed Kubernetes Service for high-performance computing product offering to customers with NVIDIA H200 and GB300.
• Apply Kubernetes security best practices, including RBAC, admission controllers, pod security, auditing, and network policies.
• Implement supply chain security for Kubernetes, including image signing, vulnerability scanning, and policy enforcement.
• Secure infrastructure as code (IaC) pipelines with automated security scanning.
• Automate patch management for platform components, ensuring timely updates and robust testing before deployment.
• Experiment with AI/ML-powered tools to eliminate mundane tasks, know security posture quickly and take proactive action on drift or anomalies.
• Collaborate with other teams to align and enhance security posture on:
• Automated compliance checks and reporting.
• Secrets management for secure credential storage and auditing.
• Identity and privileged access management for applications and remote access.
• Encryption solutions, including SSL/TLS certificate management, to protect data in transit and at rest
• Security monitoring and incident response.
• Security awareness and guidance to engineering and operations teams.

• Bachelor's degree in computer science or a related technical field.
• 7+ years of experience as Platform Security, DevSecOps or Site Reliability Engineer
• Demonstrated strong proficiency: Security standards and frameworks, including CIS Benchmarks, NIST, ISO 27001, and SOC 2.
• Demonstrated strong proficiency: OWASP Top 10 security risks for applications and cloud-native infrastructure.
• Demonstrated strong proficiency: Kubernetes security and networking best practices with tools like Calico, kube-bench, or Falco.
• Demonstrated strong proficiency: Kubernetes supply chain security best practices with tools like Cosign, Trivy or Kyverno.
• Demonstrated strong proficiency: Automated IaC security scanning with tools like Checkov or Snyk.
• Demonstrated strong proficiency: Secrets management such as HashiCorp Vault or Azure Key Vault.
• Demonstrated strong proficiency: Identity Access Management and Privileged Access Management such as Auth0, Microsoft Entra, HashiCorp Boundary or Teleport.
• Demonstrated strong proficiency: SSL/TLS certificate management, including automated issuance, renewal, deployment, and monitoring.
• Demonstrated strong proficiency: Competent in scripting and programming skills (e.g., Bash, Python, Go).
• Demonstrated strong proficiency: Systems knowledge on Linux internals, networking stacks, and distributed storage.
• Clear and effective English communication, written and spoken.
• Security certifications (e.g., CISSP, CKS, OSCP, GCP/AWS/Azure Security).
• Bonus: Experience in high-growth startups or regulated industries with robust security and data privacy requirements, including SOC 2 Type 2, ISO 27001, PCI DSS or HIPAA.
• Bonus: Experience applying security principles to AI/ML Ops environments.

• Ability to prioritize security work based on clear understanding of business risk and company objective.
• Adept at translating security needs into practical, automated solutions.
• Deep expertise in security standards and frameworks with hands‑on experience applying these to cloud, Kubernetes, and infrastructure environments.
• Excellent analytical and problem‑solving skills in fast‑paced environment.
• Strong cross‑functional collaboration with engineering, operations, and leadership.
• Commitment to continuous learning and staying ahead of emerging threats.
• Leadership in fostering a culture of security‑first thinking and accountability.

• Reduction of critical/high‑severity vulnerabilities across platform components.
• Timely completion of security audits and compliance certifications.
• Increased automation of security controls and compliance checks.
• Adoption rate of security tools and best practices across teams.
• Improved mean time to detect (MTTD) and mean time to resolve (MTTR) for security incidents.
• Successful remediation of penetration test and vulnerability assessment findings.
• Positive internal feedback on frictionless security enablement and support.