Principal Security Engineer

Principal Security Engineer

Remote, USA

Runpod is pioneering the future of AI and machine learning, offering cutting-edge cloud infrastructure for full-stack AI applications. Founded in 2022, we are a rapidly growing, well-funded company with a remote-first organization spread globally. Our mission is to empower innovators and enterprises to unlock AI's true potential, driving technology and transforming industries. Join us as we shape the future of AI.

As Runpod continues to revolutionize the GPU cloud computing landscape, we are seeking a full-time, remote Security Engineer to join our team. This critical position will be instrumental in safeguarding our innovative GPU cloud platform, ensuring the security and isolation of our customers' workloads while enabling continued growth and pushing the boundaries of AI and machine learning infrastructure. We are looking for someone who is a problem-solver who can identify security vulnerabilities, develop and implement fixes, and work collaboratively with our software engineering teams to build secure systems that power the future of GPU cloud computing.

The ideal candidate will possess experience with offensive and defensive security, coupled with strong software development abilities and deep knowledge of Linux systems and containerization. This role offers the opportunity to work on cutting-edge GPU cloud technologies, solve complex security challenges at scale, and directly contribute to the resilience and trustworthiness of Runpod's infrastructure and services.

Key aspects of our Security Engineering approach at Runpod include:

1. Active Problem Solving: We don't just identify security issues; we actively develop and implement solutions. Our Security Engineers write code to fix vulnerabilities and improve our overall security posture, ensuring the isolation integrity of our GPU powered cloud platform.
2. Integrated Security: We believe security should be woven into the fabric of our development process. Our Security Engineers work side-by-side with software engineers, operating as integral members of the team to ensure security is considered at every stage of our platform's development.
3. Attacker's Mindset: We prioritize real-world security over checkbox compliance. Our approach involves thinking like an attacker to anticipate and mitigate potential threats before they can be exploited, crucial in a multitenant GPU cloud environment.
4. Continuous Improvement: We constantly iterate on our security practices and tooling, using data-driven decisions to enhance our defense mechanisms and incident response capabilities, adapting to the evolving needs of the AI landscape.

As a Security Engineer at Runpod, you'll play a crucial role in safeguarding our GPU cloud platform, ensuring the security and isolation of our customers' workloads. You'll be at the forefront of implementing cutting-edge security practices for cloud environments, working closely with development teams to embed security into our software development lifecycle (SDLC). This role offers the opportunity to tackle complex security challenges in multitenant GPU cloud environments, contribute to the development of secure, scalable systems, and drive Runpod's security posture forward.

If you're passionate about cloud security, have a deep understanding of Linux and containerization, and want to make a significant impact on the security posture of a growing GPU cloud platform, we want to hear from you. Join the Runpod team and help us build a more secure future for AI cloud computing!

Responsibilities:

• Design and implement secure architectures for Runpod's multitenant GPU cloud platform, ensuring strong isolation between customer workloads
• Conduct thorough security assessments, including threat modeling, code reviews, and penetration testing of our cloud infrastructure and services
• Develop and implement security fixes and improvements in collaboration with software engineering teams
• Implement and manage security tools and systems (e.g., SIEM, WAF, EDR)
• Create and maintain security documentation, including policies, procedures, and technical guidelines specific to GPU cloud security
• Provide security guidance and training to development teams to foster a security-first culture in cloud development
• Participate in incident response activities and contribute to post-incident analysis and improvements
• Collaborate with operations team to ensure adherence to relevant standards (e.g., SOC 2, ISO 27001, GDPR)

Requirements:

• Bachelor's degree in Computer Science, Cybersecurity, or a related field
• 5+ years of experience in information security roles, with a focus on cloud security
• Strong programming skills in at least one language (ideally, Python, Go, or C)
• Extensive knowledge of Linux kernel internals, containerization technologies, and virtualization
• Deep understanding of workload/network isolation techniques in multitenant cloud environments
• Experience securing and hardening cloud infrastructure, particularly in environments with untrusted workloads
• Familiarity with GPU architecture and security considerations in GPU cloud computing
• Strong background in network security, application security, and cloud-native security practices
• Experience with security testing tools and methodologies (e.g., OWASP, Burp Suite, static/dynamic analysis tools)
• Familiarity with common cybersecurity frameworks (e.g., NIST, CIS Controls) and their application to cloud environments
• Excellent problem-solving skills and ability to think creatively about security challenges in cloud computing
• Successful completion of a background check

Preferred:

• Relevant security certifications (e.g., CISSP, CCSP, OSCP)
• Experience with DevSecOps practices and tools in cloud environments
• Deep knowledge of containerization and orchestration technologies (e.g., Docker, Kubernetes) and their security implications
• Familiarity with regulatory compliance requirements for operating cloud services
• Contributions to open-source security projects or security research publications related to cloud or GPU computing
• Experience with GPU programming and understanding of GPU-specific security concerns

What You'll Receive:

• The competitive base pay for this position ranges from $200,000 - $320,000. Factors that may be used to determine your actual pay may include your specific job related knowledge, skills and experience.
• Meaningful equity in a fast-growing AI infra company- everyone on the team receives stock options — your impact drives our growth, and you share in the upside.
• Generous medical, dental & vision plans
• Flexible PTO- take the time you need to recharge
• Most roles have are remote work first with an inclusive, collaborative teams utilizing slack as the main form of internal communication
• Join a passionate team on the cutting edge of AI infrastructure — where culture, learning, and ownership are at the heart of how we scale.
• $1,200 Home Office & Equipment Stipend- We set you up for success from day one with gear and support to create your ideal workspace

Runpod is committed to maintaining a workplace free from discrimination and upholding the principles of equality and respect for all individuals. We believe that diversity in all its forms enhances our team. As an equal opportunity employer, Runpod is committed to creating an inclusive workforce at every level. We evaluate qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, marital status, protected veteran status, disability status, or any other characteristic protected by law.