[Remote] Security Engineer

Note: The job is a remote job and is open to candidates in USA. Fireworks AI is building the future of generative AI infrastructure, focusing on delivering high-quality models with scalable inference. As a Security Engineer, you will design and implement security controls across AI infrastructure and platforms, ensuring the confidentiality, integrity, and availability of data and models while supporting the company's rapid growth.

Responsibilities

• Design and build security-focused software and platform capabilities to protect customer data, models, and services across our multi-cloud infrastructure, including encryption, identity and access management, secure API gateways, secure model execution, and sandboxing strategies
• Perform security reviews of cloud-native architectures—including Kubernetes clusters, multi-cloud workloads, and distributed data stores—and build integrated systems for continuous security monitoring, anomaly detection, and automated response
• Embed security into CI/CD pipelines using a DevSecOps approach, implementing automated scanning, policy enforcement, and secure-by-default build and deployment workflows
• Apply a build-over-buy philosophy by designing and developing in-house security tooling and automation where it provides better control, scalability, and integration than off-the-shelf solutions
• Build and operate a comprehensive vulnerability management program, partnering with various teams to remediate risks across applications, containers, cloud infrastructure, and dependencies
• Operate and continuously improve security operations, including detection engineering, alert triage, incident response, and continuous improvement through post-incident reviews
• Participate in red/blue team exercises, tabletop simulations, and post-incident root cause analysis to strengthen security resilience
• Embed compliance and regulatory controls into infrastructure and product layers (e.g., SOC 2, ISO 27001, ISO42001, HIPAA, PCI-DSS, GDPR)

Skills

• 3 to 7 years of experience in software engineering or security engineering with a strong focus on security, infrastructure, or cloud-native systems
• Proficient in Python and/or Go with experience in designing production-grade systems
• Strong understanding of cloud-native architectures using GCP, particularly in the area of network segregation, authentication, authorization, encryption, data protection, intrusion detection, and cloud-specific security benchmarks
• Hands-on experience with Kubernetes, Docker, and containerized production environments; deep knowledge of Kubernetes internals and native security controls is a strong plus
• Familiarity with security tooling in managed CI/CD environments (e.g., GitHub Actions, Harness, CircleCI)
• Solid experience working in Linux environments, including system administration, debugging, and automation via command-line tooling
• Familiarity with modern identity and access controls (SAML, OAuth, OIDC, SSO, RBAC/ABAC)
• Experience designing secure multi-cloud deployments and zero-trust architectures
• Experience designing, operating, and securing large-scale Kubernetes platforms, including control plane security, node hardening, and multi-tenant isolation
• Experience designing, operating, and securing large-scale multi-cloud platforms across AWS, GCP, Azure, Oracle Cloud, and GPU as service cloud providers
• Proficiency with infrastructure-as-code using Terraform and Python, including experience building modular policy-as-code frameworks
• Strong understanding of data protection techniques, including encryption at rest/in transit, tokenization, key management, and confidential computing
• Experience integrating security into microservice architectures, service meshes, and distributed systems
• Hands-on experience securing LLM/ML platforms, model inference infrastructure, GPU clusters, or data labeling pipelines
• Experience designing detection engineering pipelines across cloud audit logs, network telemetry, and application signals
• Experience building large-scale IAM and PAM platforms using least-privilege, workload identity, and just-in-time access
• Familiarity with container image vulnerability remediation, security, SBOM generation, and software supply chain security
• Experience building, implementing and operating security automation platforms for incident response and security operations
• Familiarity with compliance tooling and frameworks (e.g., Vanta, SOC 2, ISO 27001, ISO 42001, PCI-DSS)

Benefits

• Meaningful equity in a fast-growing startup
• A competitive salary
• Comprehensive benefits package

Company Overview

Company H1B Sponsorship