Cloud Infrastructure Security Engineer (Systems/Kernel)
RunPod
Runpod is the AI Developer Cloud. More than one million developers, from indie researchers to teams running frontier models in production, use Runpod to experiment, train, fine-tune, deploy, and scale AI on one platform. The platform has processed more than 20 billion inference requests. We closed a $100M Series A in June 2026. We're at an inflection point for AI infrastructure, and we're building the platform the next generation of developers will depend on.
We're a small, remote-first team. We take ownership seriously, move fast, and ship work that more than a million developers rely on every day. We're looking for people who care deeply, build with urgency, and want to matter at scale.
Learn more in our CEO's funding announcement: https://www.runpod.io/blog/one-million-developers.
As RunPod continues to revolutionize the GPU cloud computing landscape, we are seeking a systems-focused Cloud Infrastructure Security Engineer. This critical position is instrumental in safeguarding our bare-metal and virtualized environments, ensuring the absolute security, multi tenant isolation, and integrity of our underlying GPU cloud infrastructure.
The ideal candidate possesses deep knowledge of Linux systems, kernel internals, hypervisors, and containerization. You will focus on the lowest levels of our stack—preventing tenant breakouts, securing GPU hardware allocations, and building resilient infrastructure to support AI and machine learning workloads.
RunPod is seeking an innovative security engineer who thrives at the systems layer. You will operate with an Attacker's Mindset, actively hunting for ways to break container and virtualization boundaries, and then writing the low-level code to patch them.
Responsibilities:
- Systems Isolation: Design and implement robust workload and network isolation architectures for RunPod's multitenant GPU bare-metal and virtualized environments.
- Kernel & Container Security: Harden Linux kernel configurations, container runtimes (e.g., Docker, containerd), and orchestration layers (e.g., Kubernetes) against breakouts and privilege escalation.
- Infrastructure Threat Modeling: Conduct deep-dive security assessments and penetration testing specifically targeting our hypervisor, network stack, and hardware interfaces.
Don't want to miss the next one?
Subscribe to daily email alerts for roles matching your interests.