Key skills
Cloud securityLinux hardeningNetwork securityModern cloud architecturesVMsContainersServerlessKubernetesNetwork security toolsVPNIdentity and Access Management (IAM)Security automation scriptingPythonBashGoInfrastructure as Code (Terraform)AppArmorSeccompAWSGCPAzureThreat modelingIdentity Aware ProxiesBastion hostsSecurity certifications OSCPSecurity certifications CKSAITerraformIAMCommunicationCloud Security
About this role
Nebius is leading a new era in cloud infrastructure for the global AI economy, building a full-stack AI cloud platform. The role of Infrastructure Security Engineer involves securing cloud and on-premises infrastructure, implementing security controls, monitoring threats, and ensuring compliance with industry standards.
Responsibilities:
- Design and implement security measures to protect cloud and on-premises infrastructure
- Identify and remediate vulnerabilities in cloud environments, networks, and operating systems
- Build and maintain cloud and infrastructure security tools
- Perform security reviews, threat modeling and risk assessments of infrastructure components
- Develop and maintain security guidelines for Network and SRE teams
- Collaborate with Network and SRE teams to integrate security best practices into their processes and systems
- Stay updated on the latest security threats, vulnerabilities, and mitigation techniques
- Serve as an network and infrastructure security subject matter expert to other teams
Requirements:
- 4+ years of experience in network, infrastructure or cloud security
- Strong understanding of modern cloud architectures and deployment models (VMs, containers, serverless, Kubernetes)
- Solid knowledge in networks, distributed systems and Linux systems engineering
- Hands-on experience with network, VPN and Linux security
- Understanding of Identity and Access Management (IAM) systems
- Experience with security automation tools and scripting (e.g. Python, Bash, Go, etc.) and willingness to learn Go, if necessary
- Experience in using and accessing security of Infrastructure as Code (Terraform)
- Experience in hardening Linux based systems (apparmor, seccomp, etc.)
- Experience in hardening Kubernetes
- Strong problem-solving and analytical skills
- Good written and verbal communication skills in English
- Willingness to learn new things
- Being comfortable working independently
- Proficiency in securing AWS, GCP, or Azure environments
- Experience in conducting threat-modeling sessions
- Experience in designing, building, and maintaining Identity Aware Proxies or Bastion hosts
- Experience in translating compliance and regulation requirements into technical specifications
- Experience in exploiting vulnerabilities in Linux kernel, VMs, containers, and networks
- Experience in securing bare metal workloads
- Security certifications such as OSCP or CKS