Companies Modal Infrastructure Security Engineer

About the role

Modal

About Us:

AI needs a new infrastructure layer. We're building it at Modal.

Every era of computing brought new workloads that previous infrastructure couldn't support: mainframes, databases, and the cloud. Each time, the company that rebuilt the layer underneath defined the decade. AI is no different, except it touches everything instead of one slice, and the window to build the layer underneath it is open right now.

Our customers include category-defining companies like Lovable, Ramp, Cognition, DoorDash, and Suno. They rely on Modal for instant GPU access, sub-second container starts, and native storage, so it's simple to serve low-latency inference, fine-tune models, and access production-ready sandboxes at scale.

We recently raised a $355M Series C at a $4.65B valuation, led by General Catalyst and Redpoint Ventures. We've crossed $300M+ ARR and grown fivefold since September.

Our team includes creators of popular open-source projects (e.g.,Seaborn,Luigi), academic researchers, international olympiad medalists, and experienced engineering and product leaders with decades of experience.

The Role:

We’re looking for an Infrastructure Security Engineer to design and secure the core systems that power our platform. This role focuses on building security directly into our infrastructure—from container isolation and orchestration to identity and secrets management in a multi-tenant, cloud-native environment.

You’ll work closely with engineering teams to define secure primitives and ensure our platform is resilient, scalable, and trustworthy by design.

This is a hands-on, deeply technical role focused on real systems, not compliance or policy.

What You'll Do:

Platform & Runtime Security

  • Design and improve isolation mechanisms for multi-tenant workloads (containers, sandboxing, execution environments)

  • Strengthen boundaries between customers, workloads, and internal systems

  • Identify and mitigate risks in distributed, dynamic compute environments

Container & Orchestration Security

  • Secure and harden containerized workloads and orchestration systems (e.g., Kubernetes or similar)

  • Improve workload isolation, scheduling boundaries, and runtime protections

  • Evaluate tradeoffs in multi-tenant execution models

Identity & Access Management

  • Design and improve authentication and authorization systems across services

  • Implement strong service-to-service identity and least-privilege access patterns

  • Improve access controls across infrastructure and internal systems

Secrets & Key Management

  • Build and maintain systems for securely managing secrets, tokens, and credentials

  • Improve rotation, auditing, and access controls

  • Reduce secret sprawl and integrate secure patterns into developer workflows

Cloud & Infrastructure Security

  • Secure cloud environments across providers (AWS, GCP, etc.) with a focus on consistency and portability

  • Improve network boundaries, service segmentation, and access controls

  • Embed security into infrastructure-as-code and deployment systems

Engineering Partnership

  • Work closely with product and infrastructure teams to design secure systems from the ground up

  • Review architecture and code for security risks and provide actionable guidance

  • Identify patterns in risks and drive cross-cutting improvements

Requirements:

Core Experience

  • Experience securing cloud-native infrastructure and distributed systems in production

  • Background in infrastructure, backend, or security engineering

  • Experience working in multi-tenant or high-scale environments

Technical Depth

  • Strong understanding of containerization and orchestration systems (e.g., Kubernetes or similar)

  • Experience designing or securing isolation mechanisms in multi-tenant systems

  • Solid understanding of authentication, authorization, and service identity models

  • Experience with secrets management and secure handling of credentials

  • Strong foundation in networking concepts (segmentation, service communication, access boundaries)

Mindset

  • Builder mentality, you design and implement, not just review

  • Pragmatic approach to security in fast-moving environments

  • Comfortable working deeply with engineers and influencing system design

Preferred Qualifications:

  • Experience with sandboxing or runtime isolation technologies (e.g., gVisor, Firecracker, seccomp, or similar)

  • Familiarity with kernel-level or low-level isolation primitives

  • Experience securing Kubernetes or similar orchestration systems in production

  • Background in developer infrastructure, compute platforms, or multi-tenant systems

Ready to apply to Modal?
Apply to Modal

Similar jobs

Sign up for suggestions tailored to the jobs you open and the searches you save.

Apply now
🤖

Whoa — hold up

JobsRadar was built for real people having a rough time in their job search — not for automated requests. You're clicking way too fast and you're now temporarily blocked.

Come back later. If you're genuinely job hunting, we've got your back — just act like a human.

Catch your next role the second it’s posted.

Create a free account and we’ll watch the boards for you — the instant a job matches your search, it lands in your inbox or Telegram. No digging, no refreshing.

Create free account

Free forever · takes 30 seconds · already have one?

Get the worldwide-remote edge.

Join our Telegram channel for the stuff that helps you land the role — salary benchmarks, the weekly market pulse, and new-feature drops. No spam, just signal.

Join the channel — it's free