Senior Security Engineer, Platform Engineering

ROLE SUMMARY 

Firmus Technologies is seeking a Senior Security Engineer, Platform Engineering to join our AI Platforms team. You will drive the design and implementation of our platform security. You will also champion and partner with other teams to standardize security management and build internal security culture across the organization. This role is ideal for a self-starter with passion for building things from first principles. You naturally break down complex problems into their fundamental truths to uncover novel and elegant solutions—rather than relying on conventional patterns. 

 

KEY RESPONSIBILITIES 

• Lead platform security efforts by assessing risks, hardening platforms, and ensuring secure access for cloud and on-premises systems. 
• Own the security standard for Firmus Managed Kubernetes Service for high-performance computing product offering to customers with NVIDIA H200 and GB300. 
• Apply Kubernetes security best practices, including RBAC, admission controllers, pod security, auditing, and network policies. 
• Implement supply chain security for Kubernetes, including image signing, vulnerability scanning, and policy enforcement. 
• Secure infrastructure as code (IaC) pipelines with automated security scanning. 
• Automate patch management for platform components, ensuring timely updates and robust testing before deployment. 
• Experiment with AI/ML-powered tools to eliminate mundane tasks, know security posture quickly and take proactive action on drift or anomalies. 
• Collaborate with other teams to align and enhance security posture on: 
• Automated compliance checks and reporting. 
• Secrets management for secure credential storage and auditing. 
• Identity and privileged access management for applications and remote access. 
• Encryption solutions, including SSL/TLS certificate management, to protect data in transit and at rest 
• Security monitoring and incident response. 
• Security awareness and guidance to engineering and operations teams. 

 

SKILLS AND EXPERIENCE 

• Bachelor's degree in computer science or a related technical field.  
• 7+ years of experience as Platform Security, DevSecOps or Site Reliability Engineer.  
• Demonstrated strong proficiency on the following areas: 
  • Security standards and frameworks, including CIS Benchmarks, NIST, ISO 27001, and SOC 2. 
  • OWASP Top 10 security risks for applications and cloud-native infrastructure. 
  • Kubernetes security and networking best practices with tools like Calico, kube-bench, or Falco. 
  • Kubernetes supply chain security best practices with tools like Cosign, Trivy or Kyverno. 
  • Automated IaC security scanning with tools like Checkov or Snyk. 
  • Secrets management such as HashiCorp Vault or Azure Key Vault. 
  • Identity Access Management and Privileged Access Management such as Auth0, Microsoft Entra, HashiCorp Boundary or Teleport. 
  • SSL/TLS certificate management, including automated issuance, renewal, deployment, and monitoring. 
• Competent in scripting and programming skills (e.g., Bash, Python, Go). 
• Systems knowledge on Linux internals, networking stacks, and distributed storage.  
• Clear and effective English communication, written and spoken.  
• Security certifications (e.g., CISSP, CKS, OSCP, GCP/AWS/Azure Security). 
• Bonus:  
  • Experience in high-growth startups or regulated industries with robust security and data privacy requirements, including SOC 2 Type 2, ISO 27001, PCI DSS or HIPAA. 
  • Experience applying security principles to AI/ML Ops environments.