Security Engineer, Infrastructure

About the Role

We’re looking for a Security Engineer, Infrastructure to secure the core systems that power fal.ai’s platform: GPU compute, multi‑cloud environments, networking, and data pipelines. You’ll operate across the full stack, from cloud and Kubernetes to identity, networking, and secrets, designing and implementing security controls that scale with a high‑performance AI platform. This role is highly hands‑on and systems‑oriented, sitting at the intersection of security, infrastructure, and distributed systems.

What You’ll Do

• Build & Harden Infrastructure Security

  • Design and implement security controls across:
    • Cloud infrastructure
    • Kubernetes and containerized workloads
    • Networking, service meshes, and edge systems
    • CI/CD pipelines and deployment systems
    • Secure compute environments for GPU workloads and model execution

• Identity, Secrets & Access

  • Machine identity and workload authentication
  • Secrets management and encryption (e.g., Vault, KMS)
  • Least‑privilege access and short‑lived credentials
  • Implement Zero Trust principles across infrastructure

• Secure AI & Data Systems

  • Protect model weights, inference endpoints, and customer data
  • Design secure data access pathways and isolation mechanisms
  • Ensure safe multi‑tenant execution environments

• Automation & Security Tooling

  • Build security guardrails directly into infrastructure and CI/CD
  • Use Infrastructure‑as‑Code (Terraform, Pulumi) to enforce secure defaults
  • Continuously identify and remediate security gaps through automation

• Threat Modeling & Risk Reduction

  • Identify and mitigate risks across infrastructure layers
  • Defend against both external attackers and insider threats
  • Drive projects like network isolation, encryption, and secure service communication

• Cross‑Functional Collaboration

  • Partner with platform, infra, and ML teams to drive shift‑left security
  • Enable engineers to move fast with secure‑by‑default systems
  • Contribute to a strong security culture across the company

What We’re Looking For

Core Requirements

• 8+ years in security engineering, infrastructure, or SRE
• Strong understanding of:
  • Cloud security (AWS, GCP, or Azure)
  • Networking fundamentals (segmentation, firewalls, Zero Trust)
  • Linux systems and container security (Docker, Kubernetes)
• Experience building or securing production infrastructure at scale

Security Expertise

• Deep knowledge of:
  • Authentication & authorization systems
  • Secrets management and cryptography basics
  • Common vulnerabilities and attack vectors
• Ability to design security controls across multiple layers (infra → app)

Engineering Skills

• Proficiency in at least one language (Go, Python, or similar)
• Experience with Infrastructure‑as‑Code (Terraform preferred)
• Strong automation mindset—security should scale with systems

Nice to Have

• Experience with GPU infrastructure or ML systems
• Multi‑tenant platform isolation
• Service mesh / zero‑trust architectures
• High‑growth startup environments

What Makes This Role Unique

• Work on cutting‑edge AI infrastructure security (not just SaaS)
• Secure GPU clusters, model execution, and real‑time inference systems
• High ownership: design systems from first principles
• Direct impact on developer trust and platform reliability

Our Security Philosophy

• Secure‑by‑default > bolt‑on security
• Enable developers, don’t block them
• Automate everything
• Assume breach, design for resilience

Compensation & Benefits

• Competitive salary + equity
• Full health, dental, and vision coverage
• Opportunity to work on frontier AI infrastructure

Why fal.ai

You’ll help define what security looks like for the next generation of AI infrastructure—where performance, scale, and safety all matter.