Security Engineer, Cloud Infrastructure
Role Overview
This senior-level Security Engineer role involves architecting and implementing cloud infrastructure security, focusing on multi-account AWS tenant isolation, Kubernetes hardening, and cloud security posture management. The hire will own the entire cloud security domain, building infrastructure that ensures data segregation for enterprise clients, using AI tools to automate tasks and enhance security. This is a hands-on position requiring deep expertise to directly impact business operations by enabling secure service delivery.
Perks & Benefits
The role is primarily in-person in San Francisco, NYC, or London offices five days a week, with first Fridays remote, and includes relocation and housing support for SF. Benefits include equity ownership, comprehensive health insurance, daily meal stipend, and premium fitness membership. The culture emphasizes AI-native work with frontier tools, offering ownership from day one and exposure to cutting-edge AI advancements alongside leading labs.
Full Job Description
About Mercor
Mercor is defining the future of work. We partner with leading AI labs and enterprises to provide the human intelligence essential to AI development.
Our vast talent network trains frontier AI models in the same way teachers teach students: by sharing knowledge, experience, and context that can't be captured in code alone. Today, more than 30,000 experts in our network collectively earn over $2 million a day.
Mercor is creating a new category of work where expertise powers AI advancement. Achieving this requires an ambitious, fast-paced and deeply committed team. You’ll work alongside researchers, operators, and AI companies at the forefront of shaping the systems that are redefining society.
Mercor is a profitable Series C company valued at $10 billion. We work in-person five days a week in our San Francisco, NYC, or London offices.
You'll own cloud and infrastructure security at a company where tenant isolation is a critical enterprise requirement. Mercor's customers - including frontier AI labs - need hard guarantees that their data stays within strict boundaries. This is not a compliance checkbox role. You'll architect multi-account AWS isolation, harden Kubernetes clusters, deploy cloud security posture management, and build the infrastructure that lets Mercor serve enterprise clients who demand the highest security bar.
We use AI heavily in our own security work. You should be comfortable building alongside AI code-gen tools, using LLMs to accelerate infrastructure review and policy authoring, and automating away the repetitive work that slows infrastructure security down. If you'd rather write a Terraform module than fill out a spreadsheet, you'll fit in here.
We're in-person five days a week at our SF headquarters, with first Fridays remote.
What You'll Build:
Multi-account AWS tenant isolation architecture - dedicated accounts, SCPs, network boundaries, and data segregation for enterprise clients
Cloud security posture management using Wiz CSPM - continuous monitoring, misconfiguration detection, and automated remediation
Kubernetes security hardening - pod security standards, network policies, secrets management, and runtime protection
Infrastructure-as-code security guardrails - Terraform/CloudFormation policies that prevent insecure deployments before they reach production
IAM architecture and least-privilege access controls across AWS, Snowflake, and internal services
Incident response infrastructure - logging pipelines, forensic readiness, and blast radius containment
What We're Looking For
Deep AWS security expertise - you've architected multi-account strategies, written SCPs, and hardened production environments
Experience with Kubernetes security in production - not just tutorials, you've secured real clusters running real workloads
Strong infrastructure-as-code skills - Terraform, CloudFormation, or Pulumi - you think in code, not console clicks
Experience with CSPM/CNAPP platforms (Wiz, Prisma Cloud, or similar) - deploying, tuning, and driving remediation
Understanding of network security at the cloud level - VPCs, security groups, transit gateways, PrivateLink
You've designed tenant isolation for multi-tenant SaaS - data segregation, compute isolation, network boundaries
5+ years of professional experience in cloud security, infrastructure security, or platform/SRE engineering with a strong security focus
Bonus Points
Experience with Snowflake security - schema-level isolation, access controls, data sharing governance
Familiarity with container runtime security (Falco, SentinelOne Cloud Workload Protection, or similar)
Offensive cloud security skills - you've exploited misconfigurations and understand the attacker's perspective
Experience building compliance-ready infrastructure (SOC 2, ISO 27001, FedRAMP)
You've handled cloud security incidents - forensics, containment, and root cause analysis in AWS
Contributions to open source infrastructure security tools
Why Mercor
The deliverable is concrete. Enterprise clients require tenant isolation as a baseline. You'll build infrastructure that directly enables the business.
AI-native infrastructure security. You'll use frontier AI tools daily - for policy authoring, misconfiguration analysis, and anything that benefits from an AI co-pilot.
Ownership from day one. You'll own the entire cloud security domain - from AWS architecture to Kubernetes hardening to CSPM operations.
See the future early. Working alongside AI labs means you'll understand frontier model capabilities months before the market.
Benefits
Equity ownership in a high-growth, profitable company
Relocation support to San Francisco, NYC, or London as needed
Housing support near our SF office
Daily meal stipend
Premium fitness membership at Equinox
Comprehensive health insurance
Similar jobs
Found 6 similar jobs