We’re looking for an Application & Infrastructure Security Engineer to help secure our cutting edge engineering and research infrastructure. We’re seeking someone curious and collaborative, who thrives in fast-paced, high-ownership environments. This role will work very closely with our security, engineering, and research teams to strike the balance of developing a secure environment while maintaining the pace of innovation.

What you’ll do

  • Work with our security, engineering, and research teams to secure development pipelines and infrastructure across the company
  • Act as a subject matter expert for secure development practices
  • Provide practical risk assessments to help prioritize the most critical areas for improvement in our development lifecycle and infrastructure

What you’ll need

  • 4+ years of hands-on experience in securing applications and infrastructure in complex cloud environments
  • Strong knowledge of security principles, common vulnerabilities, and secure coding practices
  • Demonstrated fluency of one or more programming languages, including but not limited to Python or Typescript
  • Experience implementing and utilizing SAST/DAST tools in development pipelines
  • Knowledge of secure CI/CD practices and how to implement security controls in build processes
  • Hands-on experience securing cloud infrastructure in AWS and/or GCP
  • Ability to rapidly prototype solutions and iterate on them with tight product deadlines
  • Humility and open mindedness; at Runway we love to learn from one another

Preferred Qualifications

  • Extensive experience in securing Kubernetes environments
  • Experience with infrastructure as code (Terraform, CloudFormation, etc.)
  • Experience with threat modeling and secure architecture design
  • Knowledge of OAuth, OIDC, SAML, and other authentication/authorization protocols
  • Experience securing AI development and research environments