Infrastructure Security Engineer

Modal
new york, US
Remote

Who this role is best for

Strong fit for infrastructure security engineers with hands-on experience in cloud-native systems and container security, working remotely in a fast-growing AI infrastructure company.

Best fit for

  • Engineers with experience securing multi-tenant cloud-native infrastructure.
    — “Experience securing cloud-native infrastructure and distributed systems in production
  • Builders who design and implement security systems.
    — “Builder mentality, you design and implement, not just review
  • Professionals comfortable with Kubernetes and container security.
    — “Strong understanding of containerization and orchestration systems (e.g., Kubernetes or similar)

Things to consider

  • This role requires deep technical involvement in real systems.
    — “This is a hands-on, deeply technical role focused on real systems
  • Must work closely with engineering teams on system design.
    — “Work closely with product and infrastructure teams to design secure systems

How to stand out

  • Highlight experience with sandboxing or runtime isolation technologies.
    — “Experience with sandboxing or runtime isolation technologies (e.g., gVisor, Firecracker, seccomp, or similar)
  • Show examples of securing Kubernetes in production environments.
    — “Experience securing Kubernetes or similar orchestration systems in production
  • Demonstrate a pragmatic approach to security in fast-moving environments.
    — “Pragmatic approach to security in fast-moving environments
Pace · SteadyCollaboration · HighAutonomy · MediumDecision Impact · TeamLevel · Mid

Derived from job-description analysis by Serendipath's career intelligence engine.

What success looks like

  • design and improve isolation mechanisms for multi-tenant workloads
  • strengthen boundaries between customers, workloads, and internal systems
  • secure and harden containerized workloads and orchestration systems
Typical background
Experience securing cloud-native infrastructure and systems

Skills & requirements

Required

Cloud-native Infrastructure SecurityContainer IsolationOrchestration SecurityIdentity And Access ManagementSecrets And Key ManagementNetwork Security

Preferred

Cloud Platforms (aws, GCP, Azure)

Stack & domain

Cloud-native InfrastructureContainer IsolationOrchestration SystemsIdentity And Access ManagementSecrets ManagementCloud EnvironmentsInfrastructure-as-codeProblem-solvingCollaborationInfluenceInfrastructure SecurityCloud SecurityMulti-tenant EnvironmentsContainer SecurityOrchestration Security

About the role

As an Infrastructure Security Engineer at Modal, you'll spend your days designing and enhancing security measures for cloud-native infrastructure, working closely with engineering teams to ensure robust, scalable, and secure systems. This role is ideal for someone with a strong technical background and a builder mentality, who thrives in a fast-paced, collaborative environment.

Original posting from Modal via Ashby

ABOUT US:

Modal provides the infrastructure foundation for AI teams. With instant GPU access, sub-second container startups, and native storage, Modal makes it simple to train models, run batch jobs, and serve low-latency inference. We have thousands of customers who rely on us for production AI workloads, including Lovable, Scale AI, Substack, and Suno.

We're a fast-growing team based out of NYC, SF, and Stockholm. We've hit 9-figure ARR and recently raised a Series B https://modal.com/blog/announcing-our-series-b at a $1.1B valuation. Our investors include Lux Capital https://www.luxcapital.com/, Redpoint Ventures https://www.redpoint.com/, Amplify Partners https://www.amplifypartners.com/, and Elad Gil https://eladgil.com/.

Working at Modal means joining one of the fastest-growing AI infrastructure organizations at an early stage, with many opportunities to grow within the company. Our team includes creators of popular open-source projects (e.g. Seaborn https://github.com/mwaskom/seaborn, Luigi https://github.com/spotify/luigi), academic researchers, international olympiad medalists, and experienced engineering and product leaders with decades of experience.

THE ROLE:

We’re looking for an Infrastructure Security Engineer to design and secure the core systems that power our platform. This role focuses on building security directly into our infrastructure—from container isolation and orchestration to identity and secrets management in a multi-tenant, cloud-native environment.

You’ll work closely with engineering teams to define secure primitives and ensure our platform is resilient, scalable, and trustworthy by design.

This is a hands-on, deeply technical role focused on real systems, not compliance or policy.

WHAT YOU'LL DO:

Platform & Runtime Security

  • Design and improve isolation mechanisms for multi-tenant workloads (containers, sandboxing, execution environments)
  • Strengthen boundaries between customers, workloads, and internal systems
  • Identify and mitigate risks in distributed, dynamic compute environments

Container & Orchestration Security

  • Secure and harden containerized workloads and orchestration systems (e.g., Kubernetes or similar)
  • Improve workload isolation, scheduling boundaries, and runtime protections
  • Evaluate tradeoffs in multi-tenant execution models

Identity & Access Management

  • Design and improve authentication and authorization systems across services
  • Implement strong service-to-service identity and least-privilege access patterns
  • Improve access controls across infrastructure and internal systems

Secrets & Key Management

  • Build and maintain systems for securely managing secrets, tokens, and credentials
  • Improve rotation, auditing, and access controls
  • Reduce secret sprawl and integrate secure patterns into developer workflows

Cloud & Infrastructure Security

  • Secure cloud environments across providers (AWS, GCP, etc.) with a focus on consistency and portability
  • Improve network boundaries, service segmentation, and access controls
  • Embed security into infrastructure-as-code and deployment systems

Engineering Partnership

  • Work closely with product and infrastructure teams to design secure systems from the ground up
  • Review architecture and code for security risks and provide actionable guidance
  • Identify patterns in risks and drive cross-cutting improvements

REQUIREMENTS:

Core Experience

  • Experience securing cloud-native infrastructure and distributed systems in production
  • Background in infrastructure, backend, or security engineering
  • Experience working in multi-tenant or high-scale environments

Technical Depth

  • Strong understanding of containerization and orchestration systems (e.g., Kubernetes or similar)
  • Experience designing or securing isolation mechanisms in multi-tenant systems
  • Solid understanding of authentication, authorization, and service identity models
  • Experience with secrets management and secure handling of credentials
  • Strong foundation in networking concepts (segmentation, service communication, access boundaries)

Mindset

  • Builder mentality, you design and implement, not just review
  • Pragmatic approach to security in fast-moving environments
  • Comfortable working deeply with engineers and influencing system design

PREFERRED QUALIFICATIONS:

  • Experience with sandboxing or runtime isolation technologies (e.g., gVisor, Firecracker, seccomp, or similar)
  • Familiarity with kernel-level or low-level isolation primitives
  • Experience securing Kubernetes or similar orchestration systems in production
  • Background in developer infrastructure, compute platforms, or multi-tenant systems

Source: Modal careers (Ashby)

Similar roles