Security Engineer, Infrastructure Security

Who We Are Serval is an AI-native automation platform transforming how enterprises operate. We build intelligent agents that understand real-world workflows and execute them end-to-end — replacing manual processes and rigid legacy systems with adaptive, learning software. Founded in early 2024, Serval is already trusted by companies like Fox, Notion, Perplexity, Vercel, and Brex to automate high-volume, high-friction operational work across their organizations. At the core of Serval is an agentic AI platform that turns natural language into production-grade workflows. Our agents don’t just respond to requests — they reason, take action across systems, and continuously improve with usage. What began with operational use cases has quickly evolved into a horizontal AI automation layer used across IT, HR, Finance, Security, Legal, and Engineering. Our mission is to eliminate repetitive, manual work across the enterprise and give teams leverage through intelligent automation. Long term, we’re building the universal AI operations layer — a system of agents that sits across business functions and runs the workflows that keep modern companies moving. We’re backed by leading investors including Sequoia Capital, Redpoint Ventures, Meritech, First Round, General Catalyst, Elad Gil, and others. Role Overview As Infrastructure Security Lead, you'll build and scale the foundations of how Serval secures its cloud, compute, and platform infrastructure. You will set the strategy and drive execution for securing our AWS environments, Kubernetes clusters, container runtimes, and the production systems our customers trust us to operate in; making security a property of the infrastructure itself rather than a control bolted on afterward. You'll be a hands‑on leader with deep technical credibility and strong engineering instincts. You will build and mentor a team, partner closely with Engineering and Product, and ensure that secure‑by‑default infrastructure, least‑privilege access, and strong isolation boundaries are designed into the systems that power Serval. What You’ll Do Design, implement, and operate Serval's infrastructure security program across cloud (AWS), Kubernetes, container runtimes, networking, and CI/CD, including hardening, configuration baselines, workload isolation, and continuous posture management. Own cloud and identity security, driving least‑privilege IAM, secrets management, key management, network segmentation, and the guardrails that keep our multi‑tenant production environment safe at scale. Secure the container and orchestration stack end‑to‑end. Image provenance and supply‑chain integrity, registry and admission controls, runtime sandboxing and isolation, and Kubernetes hardening (RBAC, network policies, pod security), with particular attention to the isolated workers that execute customer workflows. Build, lead, and directly mentor a team spanning cloud security, platform/Kubernetes security, and infrastructure vulnerability management, hiring and scaling these functions deliberately and proportionately as Serval's platform and customer footprint grow. Drive infrastructure vulnerability management and remediation, partnering with engineering to identify, prioritize, and durably close exposure across cloud configuration, dependencies, base images, and the software supply chain. Embed security into the platform by design, partnering deeply across Engineering, Product, and Infrastructure so that secure defaults, paved roads, and policy‑as‑code are the easiest path for engineers, not an afterthought. Build infrastructure capable of withstanding sophisticated adversaries, including by using Serval's own agents to solve frontier infrastructure‑security and security‑engineering problems. What You’ll Need Have 10+ years in cybersecurity with deep expertise in cloud security, infrastructure security engineering, and platform/production hardening. Have deep, hands‑on expertise with AWS, Kubernetes, container runtimes (e.g., gVisor/Firecracker‑style isolation), and infrastructure‑as‑code (Terraform). Have deep experience building and leading infrastructure/cloud security, platform security, and vulnerability management teams. Have stellar leadership skills and a demonstrated history of driving durable, continuous improvements to programs, processes, and people. Have strong software‑engineering instincts, comfortable reading and writing code, building tooling and automation, and shipping policy‑as‑code and secure‑by‑default paved roads alongside engineering teams. Have deep expertise in cloud and identity security primitives: IAM, secrets and key management, network segmentation, workload isolation, and multi‑tenant boundary design. Understand modern adversary tradecraft (TTPs) against cloud and container infrastructure, and have demonstrated experience translating it into practical hardening, isolation, and remediation strategies. Are mission‑oriented, have unimpeachable integrity, and are passionate about building resilient, defensible infrastructure in a highly complex, fast‑paced environment. What We Offer Impact : Be a key player in shaping the success of our product and company. Growth : Build a fundamentally new AI product offering with the support of our experienced team and investors. Grow rapidly with the company. Culture : Join a culture that values innovation, ownership, accountability, and fun. #J-18808-Ljbffr Serval