Upstart logo
Upstart

Our mission is to enable effortless credit based on true risk.

Infrastructure Security Engineer

Security EngineerSecurity EngineerFull TimeRemoteSeniorTeam 1,001-5,000H1B SponsorCompany SiteLinkedIn

Location

United States

Posted

75 days ago

Salary

$134.1K - $185.6K / year

Seniority

Senior

Bachelor Degree3 yrs expEnglishAWSCloudJavaKubernetesPythonTerraformGo

Job Description

Infrastructure Security Engineer

Upstart

• Design and implement security controls for cloud, platform, and deployment systems, with a focus on secure defaults and durable risk reduction. • Partner with platform, SRE, and infrastructure teams to review architecture and infrastructure changes, identify security risks, and drive practical remediation plans. • Build and improve automation for infrastructure security, including controls for cloud IAM, Kubernetes and container environments, secrets handling, and infrastructure-as-code workflows. • Identify and remediate systemic weaknesses such as misconfigurations, exposed services, weak trust boundaries, and insecure defaults in production environments. • Support infrastructure vulnerability management by helping prioritize findings, validate fixes, and improve how issues are detected and prevented over time. • Help assess and improve security controls for AI-assisted developer workflows and GenAI-enabled systems, including agentic tooling, coding assistants, and internal AI integrations that interact with production or sensitive environments. • Respond to production security issues, investigate root causes using logs, dashboards, and system context, and contribute follow-up improvements that strengthen the platform. • Contribute to team effectiveness by documenting patterns, participating in design and code reviews, and helping raise the security quality bar across engineering.

Job Requirements

  • Bachelor’s degree and 3+ years of experience in security engineering, infrastructure engineering, or a related software engineering role.
  • Experience securing or operating cloud-native infrastructure in AWS or a similar cloud environment.
  • Experience with one or more of the following domains: cloud IAM, Kubernetes/container security, network security, secrets management, or infrastructure vulnerability management.
  • Experience writing code or automation in Python, Go, Java, or a similar programming language.
  • Experience reviewing system designs, infrastructure changes, or architecture proposals and driving actionable security outcomes.
  • Experience with infrastructure-as-code and CI/CD tooling such as Terraform, Helm, GitHub Actions, or similar technologies.
  • Experience investigating and resolving moderately complex production or security issues using logs, metrics, and debugging tools.
  • Experience using AI-assisted engineering tools responsibly, with an understanding of security considerations such as sensitive data exposure, unsafe automation, access boundaries, or insecure use of generated code and infrastructure changes.

Benefits

  • Competitive compensation, including base pay, bonus opportunities, and annual equity grants that vest quarterly
  • Generous 401(k) plan with Upstart matching $2 for every $1 contributed, up to $15,000 per year
  • Employee Stock Purchase Plan (ESPP) with discounted stock purchase options for eligible employees
  • Affordable medical, dental, and vision coverage, with multiple plan options - Upstart covers 90% to 100% of the cost depending on the plans you choose
  • Health Savings Account contributions from Upstart for eligible plans
  • Income protection benefits, including company-paid Basic Life, AD&D, and Short- and Long-Term Disability coverage, with options to purchase supplemental coverage
  • Paid time off, sick and safe time, and company holidays
  • Paid family and parental leave to support caregiving and major life moments
  • Family-centered benefits through Carrot and Cleo, supporting fertility, parenthood, and caregiving
  • Employee Assistance Program (EAP) offering mental health support and life-centered resources
  • Financial wellness resources, including access to financial planning tools and a financial concierge service
  • Annual wellness allowance to support your physical and emotional well-being and personal development, based on what matters most to you
  • Annual productivity allowance to invest in relevant tools and resources you need to do your best work, no matter where you work from
  • Connection and community through team events and onsites, all-company updates, and employee resource groups (ERGs)
  • Onsite perks, including catered lunches and fully stocked micro-kitchens when working from one of our four offices, located in the Bay Area, Austin, Columbus, and New York City (opening Summer 2026!).

Related Categories

Related Job Pages

More Security Engineer Jobs

GuidePoint Security logo

Cloud Security Engineer

GuidePoint Security

We help organizations make smarter cybersecurity decisions that minimize risk.

Full TimeRemoteTeam 201-500H1B Sponsor

• Perform implementation of CNAPP and CSPM tools in multi-account AWS and Azure environments. • Implement IaC scanning tools within the CI/CD Pipelines. • Develop Infrastructure as code in Cloud Formation or Terraform. • Develop custom control checks within CNAPP Platforms using JSON, REGO, or Terraform. • Analysis – identifies and evaluates potential threats and vulnerabilities to the public cloud environments network, applications, infrastructure, and systems. • Issue Resolution – leads the resolution of identified issues in public cloud environments. • Vulnerabilities – Cloud, System, and Application • Compliance – CIS, NIST, AWS, and Azure best practices. • Cloud Entitlements – Excessive Permissions and various IAM best practices. • Secrets – unprotected secrets on VMs, Containers, and IaC repositories. • IaC – misconfigurations and vulnerabilities within developed IaC. • Deep understanding of Kubernetes and microservices security best practices. • Performs container registry scanning. • Reviewing and creating metrics, KPIs, and KRIs to track overall cloud security posture. • Create, maintain, and update runbooks for cloud configuration checks. • Assess the overall security posture of cloud security infrastructure and workloads. • Advise customers on Cloud security best practices.

Massachusetts
GuidePoint Security logo

Managing Security Consultant – PAM

GuidePoint Security

We help organizations make smarter cybersecurity decisions that minimize risk.

Full TimeRemoteTeam 201-500H1B Sponsor

• Provide technical guidance and oversight for CyberArk implementations and deployments • Architect and design CyberArk solutions aligned with customer security requirements • Lead technical discovery sessions and assess customer environments • Develop implementation roadmaps and technical project plans • Ensure adherence to CyberArk best practices and industry standards • Serve as primary technical point of contact for assigned accounts • Conduct regular business reviews and health checks with customers • Build and maintain strong relationships with customer stakeholders and technical teams • Understand customer business objectives and align CyberArk capabilities accordingly • Proactively identify opportunities for solution optimization and expansion • Oversee CyberArk vault architecture, deployment, and configuration • Guide integration with enterprise systems (Active Directory, SIEM, ticketing systems, etc.) • Troubleshoot complex technical issues and coordinate resolution • Provide Level 3 technical support and escalation management • Develop and deliver knowledge transfer sessions and training • Manage and mentor CyberArk technical team members • Coordinate resources across implementation projects • Facilitate collaboration between internal teams and customer stakeholders • Conduct performance reviews and provide technical coaching • Create and maintain technical documentation, architecture diagrams, and runbooks • Provide regular status reports and executive summaries • Document lessons learned and contributed to knowledge base • Track and report on key performance metrics and SLAs

United States
Job Closed
Full TimeRemoteTeam 201-500Since 1999H1B No Sponsor

• Conducts interactive risk workshops, Business Impact Analyses (BIA), and compliance checks • Develops vibrant security organizations for agile companies • Implements ISMS solutions in tools such as Jira and Confluence • Builds sustainable customer relationships

Germany
Job Closed

Role Description We are looking for a dynamic and experienced Lead, Information Security Architect to join our team. In this role, you will be responsible for designing and implementing advanced security technologies that safeguard our organization’s digital assets. You will collaborate with various teams to ensure that security is embedded in our technology solutions and infrastructure. - Design and implement Information Security architectures that align with business objectives and industry best practices. - Evaluate and recommend Information Security technologies, tools, and solutions to enhance the organization’s security posture. - Lead the development of Information Security policies, standards, and procedures related to technology architecture. - Collaborate with IT, development, and operations teams to integrate Information Security measures into existing and new systems. - Conduct threat modeling and risk assessments to identify vulnerabilities and recommend mitigation strategies. - Stay informed about emerging Information Security technologies and trends, and assess their applicability to the organization. - Provide technical leadership and mentorship to Infrastructure, Security and IT teams, fostering a culture of security awareness. - Communicate Information Security architecture concepts and strategies to stakeholders at all levels of the organization. Qualifications - 10+ years in infrastructure and cybersecurity, with at least 5+ years leading global teams in infrastructure or security operations, identity management or security engineering. - Proven experience in the pharmaceutical, healthcare, or other highly regulated industries preferred. - Strong understanding of infrastructure and security technologies, including firewalls, intrusion detection/prevention systems, endpoint protection, and encryption. - Experience with cloud security and securing cloud-based applications (e.g., AWS, Azure, Google Cloud). - Familiarity with security frameworks (e.g., NIST, ISO 27001) and compliance regulations (e.g., GDPR, HIPAA). - Excellent analytical and problem-solving skills, with a strategic mindset. - Strong communication and interpersonal skills, with the ability to work effectively in a team environment. - Bachelor's Degree Requirements - This position is based in Northbrook, Illinois. - Remote work from anywhere in the US is available. - Hybrid working solution allowing time to connect with colleagues at the office with the flexibility to also work from home. Benefits - Medical, Dental and Vision Insurance - Generous Paid Time Off options, including Vacation and Sick time, plus national holidays including year-end shut down - 401(k) match and annual company contribution - Company paid life insurance - Annual Corporate Bonus and Quarterly Sales Incentive for eligible positions - Long Term Incentive Plan for eligible positions - Company fleet vehicle for eligible positions - Referral bonus program

United States
$161.9K - $243.5K / year