Staff Software Engineer, Security

Crusoe•San Francisco, CA

7d•$215,000 - $260,000

About The Position

As a Staff Security Software Engineer, you are fundamentally a systems engineer who operates with a security-first mindset. You will design, build, and deploy the core infrastructure and automation platforms that define Crusoe's security posture. Rather than operating as a traditional security auditor, you will act as a platform architect—engineering the foundational software systems that enable secure-by-default production environments. You will own the full engineering lifecycle—from high-throughput identity and secrets management systems and Kubernetes orchestration to the development of high-throughput data pipelines—ensuring that our architecture is both performant and impregnable.

Requirements

Bachelor’s degree in Computer Science, Information Security, a related technical field, or equivalent practical job experience.
8+ years of professional software development experience, with at least 5+ years of hands-on, production-grade programming experience in languages like Go, Rust.
4+ years of hands-on experience deploying on, securing, and managing applications at scale on Kubernetes and public cloud environments.
Proven track record of designing, building, and operating high-QPS, fault-tolerant, and mission-critical distributed systems.
Strong hands-on experience with major public cloud infrastructure provider platforms (GCP or AWS).
Deep familiarity with modern continuous integration and continuous deployment pipelines, alongside robust Infrastructure-as-Code (IaC) tooling practices.
Strong experience engineering technical architectures involving complex data flows, event-driven architectures, fine-grained access controls, data retention management, and secure third-party integrations.
Expert-level proficiency in distributed systems, infrastructure automation, and developing robust, automated abstractions (like Kubernetes operators or platform-level service meshes) to manage infrastructure complexity.
Deep operational experience managing Kubernetes at scale, troubleshooting complex cluster issues, developing operators, and optimizing the control plane.
Demonstrated experience implementing and maintaining identity and secrets management solutions such as HashiCorp Vault and SPIFFE/SPIRE in production environments.

Nice To Haves

Advanced understanding of authentication, authorization at scale in distributed systems.
Experience engineering security tools or telemetry platforms within large-scale AI/ML or high-performance computing environments.
Active contributor to open-source security engineering projects or frameworks.

Responsibilities

Design, implement, and maintain highly scalable, distributed software systems that form Crusoe's core security engineering foundation.
Partner closely with product security, infrastructure security platform engineering, and specialized security domain teams to translate complex business and regulatory needs into durable, automated technical solutions while retaining complete engineering ownership.
Develop high-throughput control integrations and data pipelines to collect, normalize, and analyze security telemetry across identity systems (IAM), logs, vulnerability scanners, and continuous compliance (CCM/GRC) tools.
Architect advanced metrics engines, real-time dashboards, and analytics insights pipelines that provide continuous visibility into overall compliance health, technical risk posture, and emerging security threats.
Provide technical direction, mentorship, and architectural oversight across the security engineering team, fostering a culture of high engineering standards, operational excellence, and continuous technical innovation.
Integrate and scale automated security checks within CI/CD pipelines to ensure consistent security enforcement.
Architect and manage critical platform security services at scale, specifically PKI infrastructure, SPIFFE/SPIRE for identity, and HashiCorp Vault for secrets management, ensuring secure credential handling and identity management across our distributed environment.
Engineer secure, high-throughput distributed systems, utilizing deep Linux knowledge and Kubernetes expertise to solve complex infrastructure-level challenges.