Security Engineer

As RunPod continues to revolutionize the GPU cloud computing landscape, we are seeking a full-time, remote Security Engineer to join our team. This critical position will be instrumental in safeguarding our innovative GPU cloud platform, ensuring the security and isolation of our customers' workloads while enabling continued growth and pushing the boundaries of AI and machine learning infrastructure.

The ideal candidate will possess experience with offensive and defensive security, coupled with strong software development abilities and deep knowledge of Linux systems and containerization. This role offers the opportunity to work on cutting-edge GPU cloud technologies, solve complex security challenges at scale, and directly contribute to the resilience and trustworthiness of RunPod's infrastructure and services. 

We provide competitive compensation, including stock options, and the flexibility of remote work within a culture that values innovation, continuous learning, and technical excellence.

Description

• Job Title: Security Engineer
• Full time, Remote
• Reports to: Head of Engineering
• Salary Range: $152,000 - $175,000

RunPod is seeking a proactive and innovative Security Engineer to join our dynamic team. The ideal candidate will be a problem-solver who can identify security vulnerabilities, develop and implement fixes, and work collaboratively with our software engineering teams to build secure systems that power the future of GPU cloud computing.

Key aspects of our Security Engineering approach at RunPod include:

1. Active Problem Solving: We don't just identify security issues; we actively develop and implement solutions. Our Security Engineers write code to fix vulnerabilities and improve our overall security posture, ensuring the isolation integrity of our GPU powered cloud platform.
2. Integrated Security: We believe security should be woven into the fabric of our development process. Our Security Engineers work side-by-side with software engineers, operating as integral members of the team to ensure security is considered at every stage of our platform's development.
3. Attacker's Mindset: We prioritize real-world security over checkbox compliance. Our approach involves thinking like an attacker to anticipate and mitigate potential threats before they can be exploited, crucial in a multitenant GPU cloud environment.
4. Continuous Improvement: We constantly iterate on our security practices and tooling, using data-driven decisions to enhance our defense mechanisms and incident response capabilities, adapting to the evolving needs of the AI landscape.

As a Security Engineer at RunPod, you'll play a crucial role in safeguarding our GPU cloud platform, ensuring the security and isolation of our customers' workloads. You'll be at the forefront of implementing cutting-edge security practices for cloud environments, working closely with development teams to embed security into our software development lifecycle (SDLC). This role offers the opportunity to tackle complex security challenges in multitenant GPU cloud environments, contribute to the development of secure, scalable systems, and drive RunPod's security posture forward.

Responsibilities:

• Design and implement secure architectures for RunPod's multitenant GPU cloud platform, ensuring strong isolation between customer workloads
• Conduct thorough security assessments, including threat modeling, code reviews, and penetration testing of our cloud infrastructure and services
• Develop and implement security fixes and improvements in collaboration with software engineering teams
• Implement and manage security tools and systems (e.g., SIEM, WAF, EDR)
• Create and maintain security documentation, including policies, procedures, and technical guidelines specific to GPU cloud security
• Provide security guidance and training to development teams to foster a security-first culture in cloud development
• Participate in incident response activities and contribute to post-incident analysis and improvements
• Collaborate with operations team to ensure adherence to relevant standards (e.g., SOC 2, ISO 27001, GDPR)

Required Qualifications:

• Bachelor's degree in Computer Science, Cybersecurity, or a related field
• 5+ years of experience in information security roles, with a focus on cloud security
• Strong programming skills in at least one language (ideally, Python, Go, or C)
• Extensive knowledge of Linux kernel internals, containerization technologies, and virtualization
• Deep understanding of workload/network isolation techniques in multitenant cloud environments
• Experience securing and hardening cloud infrastructure, particularly in environments with untrusted workloads
• Familiarity with GPU architecture and security considerations in GPU cloud computing
• Strong background in network security, application security, and cloud-native security practices
• Experience with security testing tools and methodologies (e.g., OWASP, Burp Suite, static/dynamic analysis tools)
• Familiarity with common cybersecurity frameworks (e.g., NIST, CIS Controls) and their application to cloud environments
• Excellent problem-solving skills and ability to think creatively about security challenges in cloud computing

Preferred Qualifications:

• Relevant security certifications (e.g., CISSP, CCSP, OSCP)
• Experience with DevSecOps practices and tools in cloud environments
• Deep knowledge of containerization and orchestration technologies (e.g., Docker, Kubernetes) and their security implications
• Familiarity with regulatory compliance requirements for operating cloud services
• Contributions to open-source security projects or security research publications related to cloud or GPU computing
• Experience with GPU programming and understanding of GPU-specific security concerns

What We Offer:

• Competitive salary and comprehensive benefits package
• Flexible remote work environment
• Opportunities for professional development and certifications in cloud and GPU technologies
• Collaborative and innovative work culture at the forefront of GPU cloud computing
• Chance to work on cutting-edge security challenges in a rapidly evolving field

If you're passionate about cloud security, have a deep understanding of Linux and containerization, and want to make a significant impact on the security posture of a growing GPU cloud platform, we want to hear from you. Join the RunPod team and help us build a more secure future for AI cloud computing!