Staff Platform Security Engineer (Cloud/K8S)

GeminiSan Francisco, CA
98d$168,000 - $240,000
Match Resume

About The Position

The Platform Security team builds and delivers zero-trust foundations and paved paths so every Gemini team can ship safely on supported cloud platforms. As a Staff Cloud and Kubernetes Security Engineer, you will build security services, tools, and automation while hardening our cloud environments (primarily AWS), securing container orchestration platforms, and implementing infrastructure-as-code security guardrails. This is a hands-on engineering role where you'll write production code daily, not just infrastructure-as-code. You'll design and build security platforms that scale across our engineering organization. This role requires deep technical expertise in cloud security, strong Terraform proficiency, and strong software development skills to build production services. You will partner closely with engineering teams to enable rapid, secure delivery while maintaining zero standing privilege and least-privilege access models. This role is required to be in person twice a week at either our San Francisco, CA or New York City, NY office.

Requirements

  • Strong software development skills in Python or Go with experience building production services
  • Strong experience securing AWS environments including IAM, VPC, KMS, and native security services
  • Deep Terraform expertise including module development, CI/CD gates, policy testing, remote state management, and zero-downtime deployments
  • Proven expertise with Kubernetes security including admission controls, RBAC, network policies, and runtime protection
  • Experience with distributed systems, cloud-native architectures, and SRE principles
  • Demonstrated ability to build, deploy, and maintain security tools and services in production

Nice To Haves

  • Experience with GCP security services and multi-cloud environments including Azure
  • Knowledge of policy-as-code tools such as Open Policy Agent, Sentinel, or similar
  • Experience with container security scanning, image signing, and supply chain security
  • Background in incident response for cloud and container environments
  • Experience with service mesh technologies and zero-trust networking
  • Contributions to open source security tools or cloud security communities

Responsibilities

  • Build and maintain security services, tools, and automation using Python or Go
  • Design and implement security controls for AWS and Kubernetes environments using infrastructure-as-code
  • Create reusable libraries, frameworks, and platforms that enable secure-by-default patterns
  • Develop automated security monitoring, scanning, and remediation services
  • Build CI/CD security gates and policy-as-code validation tools
  • Partner with engineering teams on architecture decisions and provide security consultation
  • Participate in on-call rotation for critical security incidents and infrastructure issues

Benefits

  • Competitive starting salary
  • A discretionary annual bonus
  • Long-term incentive in the form of a new hire equity grant
  • Comprehensive health plans
  • 401K with company matching
  • Paid Parental Leave
  • Flexible time off

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume

What This Job Offers

Job Type

Full-time

Career Level

Senior

Job Search Resources

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service