Principal Platform Security Engineer (Cloud/K8S)
About The Position
The Platform Security team secures Gemini’s infrastructure through service hardening and by developing and supporting a suite of foundational tools. We provide secure-by-default infrastructure, consumable security services, and expert consultation to engineering teams for secure cloud and non-cloud infrastructure. The Platform Security team builds and delivers zero-trust foundations and paved paths so every Gemini team can ship safely on supported cloud platforms. As a Principal Cloud and Kubernetes Security Engineer, you will architect and build security platforms that define how Gemini operates in the cloud. You will set technical direction for cloud security, design foundational services used across the organization, and establish engineering standards for secure infrastructure. This is a hands-on technical leadership role where you'll write production code daily while driving strategic initiatives. You will own the technical vision for cloud security architecture, mentor engineers across teams, and influence how the entire organization builds and deploys infrastructure. This role requires exceptional technical expertise in cloud security, mastery of Terraform and infrastructure-as-code, and proven ability to build production services that scale. You will shape security culture by creating platforms that make secure patterns the default choice for engineering teams. This role is required to be in person twice a week at either our San Francisco, CA or New York City, NY office.
Requirements
- Exceptional software development skills in Python or Go with proven track record of building production platforms
- Deep expertise securing AWS environments at scale, including advanced IAM, network architecture, and security services
- Mastery of Terraform including provider development, complex module design, and enterprise-scale implementations
- Extensive experience with Kubernetes security, including building operators, admission controllers, and platform extensions
- Proven ability to architect distributed systems and cloud-native platforms
- Track record of leading technical initiatives that transformed organizational capabilities
Nice To Haves
- Experience building security platforms adopted by 100+ engineers
- Contributions to open source security tools or infrastructure projects
- Experience with GCP security services and multi-cloud architectures including Azure
- Expertise in policy-as-code frameworks and compliance automation
- Published research, conference talks, or thought leadership in cloud security
- Experience building developer platforms and improving engineering velocity
Responsibilities
- Architect and build security platforms, frameworks, and services that scale across the organization
- Set technical standards and best practices for cloud security and infrastructure-as-code
- Design and implement foundational security services used by multiple engineering teams
- Drive adoption of new technologies and security patterns across the organization
- Lead technical decisions for multi-quarter initiatives spanning cloud, container, and infrastructure security
- Mentor engineers across teams on secure architecture and engineering practices
- Participate in on-call rotation for critical security incidents and infrastructure issues
Benefits
- Competitive starting salary
- A discretionary annual bonus
- Long-term incentive in the form of a new hire equity grant
- Comprehensive health plans
- 401K with company matching
- Paid Parental Leave
- Flexible time off
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Principal
Education Level
No Education Listed
Number of Employees
501-1,000 employees
