We’re looking for an Application & Infrastructure Security Engineer to help secure our cutting edge engineering and research infrastructure. We’re seeking someone curious and collaborative, who thrives in fast-paced, high-ownership environments. This role will work very closely with our security, engineering, and research teams to strike the balance of developing a secure environment while maintaining the pace of innovation.
What you’ll do
- Work with our security, engineering, and research teams to secure development pipelines and infrastructure across the company
- Act as a subject matter expert for secure development practices
- Provide practical risk assessments to help prioritize the most critical areas for improvement in our development lifecycle and infrastructure
What you’ll need
- 4+ years of hands-on experience in securing applications and infrastructure in complex cloud environments
- Strong knowledge of security principles, common vulnerabilities, and secure coding practices
- Demonstrated fluency of one or more programming languages, including but not limited to Python or Typescript
- Experience implementing and utilizing SAST/DAST tools in development pipelines
- Knowledge of secure CI/CD practices and how to implement security controls in build processes
- Hands-on experience securing cloud infrastructure in AWS and/or GCP
- Ability to rapidly prototype solutions and iterate on them with tight product deadlines
- Humility and open mindedness; at Runway we love to learn from one another
Preferred Qualifications
- Extensive experience in securing Kubernetes environments
- Experience with infrastructure as code (Terraform, CloudFormation, etc.)
- Experience with threat modeling and secure architecture design
- Knowledge of OAuth, OIDC, SAML, and other authentication/authorization protocols
- Experience securing AI development and research environments
