{"schemaVersion":"jobsearcher.job.v1","id":"c324709a9bd454b9e1beba8d","url":"https://jobsearcher.com/jobs/c324709a9bd454b9e1beba8d","canonicalUrl":"https://jobsearcher.com/jobs/c324709a9bd454b9e1beba8d","title":"Software Engineer, Security Infrastructure","description":"At SIFT, we're redefining how modern machines are built, tested, and operated. Our platform provides engineers with real-time observability over high-frequency telemetry, eliminating bottlenecks and enabling faster, more reliable development.\r\nSIFT was born from our work at SpaceX on Dragon, Falcon, Starlink, and Starship—where scaling telemetry, debugging flight systems, and ensuring mission reliability demanded new infrastructure. Founded by a team from SpaceX, Google, and Palantir, Sift is built for mission-critical systems where precision and scalability are non-negotiable.\r\nAbout the Role\r\nAs a Software Engineer, Security Infrastructure, you will not just maintain a security checklist; you will define the posture, architecture, and practices that keep our products and infrastructure secure in the most demanding environments.\r\nYou will be both hands-on and strategic, building controls, automating compliance, and owning SIFT's security posture end-to-end, with technical security engineering as the primary focus. You will set the standard for how we protect our systems and data, ensuring resilience against modern threats while partnering with external compliance specialists to meet the requirements of aerospace, defense, and enterprise sectors.\r\nIn This Role, You'll:\r\nBuild and maintain tooling, scripts, services, and automation that assess, enforce, and monitor security and compliance controls across our AWS cloud environments, Kubernetes clusters, and CI/CD pipelines.\r\nDevelop lightweight internal solutions (e.g., policy-as-code, custom scanners, CI/CD integrations) that make security and compliance automatic, auditable, and invisible to the rest of engineering.\r\nEmbed security guardrails directly into infrastructure-as-code (Terraform), container orchestration, and deployment workflows so that secure-by-default becomes the path of least resistance.\r\nPartner closely with the infrastructure and platform engineering teams to harden cloud-native systems, implement access controls, encryption, logging/monitoring, and vulnerability management at scale.\r\nImprove visibility into our overall security posture through automated reporting, dashboards, and real-time observability that highlight risks and control coverage.\r\nTranslate compliance requirements (SOC 2, FedRAMP, and related frameworks) into pragmatic, enforceable technical implementations rather than manual checklists.\r\nReduce toil by automating security workflows, compliance validation, and remediation so engineering can ship fast without compromising security.\r\nSupport incident response and post-incident improvements by building better observability and tooling that accelerates detection and recovery.\r\nConduct security reviews of new features, services, and infrastructure changes, providing clear guidance that helps teams design and implement secure solutions.\r\nThe Skillset You'll Bring\r\nTechnical Skills\r\n4–7+ years of hands-on experience in security engineering, platform/DevSecOps, or cloud infrastructure roles (founding or early-stage security builder experience strongly preferred).\r\nProven track record shipping production-grade security automation in cloud-native environments (AWS strongly preferred) — not just documenting or managing compliance programs.\r\nDeep familiarity with implementing technical controls for SOC 2, FedRAMP, or similar frameworks in real production systems.\r\nStrong proficiency in scripting and automation (Python, Go, Bash, or similar) and a bias toward building custom tooling over relying solely on off-the-shelf products.\r\nHands-on experience with Infrastructure as Code (Terraform or equivalent), containerized environments (Kubernetes), and CI/CD systems — and how to embed security directly into them.\r\nWorking knowledge across core security domains\r\nAccess control, identity management, and least-privilege enforcement\r\nLogging, monitoring, auditing, and security observability\r\nEncryption, key management, and secrets handling\r\nVulnerability scanning, policy-as-code, and continuous compliance\r\nIncident response and change management\r\nAbility to quickly assess system state, identify meaningful gaps, and deliver pragmatic, high-impact solutions in a fast-moving environment.\r\nComfort operating as a founding security engineer: you thrive in ambiguity, own standards end-to-end, and focus on enabling velocity while raising the security bar.\r\nStrong problem-solving skills with a builder mindset — you enjoy making complex security requirements disappear into clean, automated systems that engineering teams actually love to use.\r\nLocation\r\nSIFT's headquarters is in Marina Del Rey, CA (Next to LAX). We collaborate in person twice a week—on Mondays and Thursdays—and come together for a full week every two months. We are open to relocating candidates to LA or working from our San Francisco office for the right candidate.\r\nSalary range: $170,000 - $220,000 per year. Plus equity and benefits.\r\nEligibility\r\nU.S. Person Required : Must be a U.S. citizen, lawful permanent resident, or protected individual such as an asylee or refugee in compliance with ITAR (International Traffic in Arms Regulations) / EAR (Export Administration Regulations) regulations.\r\nJ-18808-Ljbffr","company":"Sift Stack","rawCompany":"sift stack","city":"California","state":"MO","isRemote":false,"isActive":false,"createdAt":"2026-07-04T02:16:27.662Z","occupations":[{"code":"15-1299.08","title":"Computer Systems Engineers/Architects","slug":"computer-systems-engineers-architects"},{"code":"15-1299.05","title":"Information Security Engineers","slug":"information-security-engineers"},{"code":"15-1252.00","title":"Software Developers","slug":"software-developers"}],"industries":[{"code":"541512","title":"Computer Systems Design Services","slug":"computer-systems-design-services"},{"code":"541511","title":"Custom Computer Programming Services","slug":"custom-computer-programming-services"},{"code":"513210","title":"Software Publishers","slug":"software-publishers"}],"jobPosting":{"@context":"https://schema.org","@type":"JobPosting","title":"Software Engineer, Security Infrastructure","description":"At SIFT, we're redefining how modern machines are built, tested, and operated. Our platform provides engineers with real-time observability over high-frequency telemetry, eliminating bottlenecks and enabling faster, more reliable development.\r\nSIFT was born from our work at SpaceX on Dragon, Falcon, Starlink, and Starship—where scaling telemetry, debugging flight systems, and ensuring mission reliability demanded new infrastructure. Founded by a team from SpaceX, Google, and Palantir, Sift is built for mission-critical systems where precision and scalability are non-negotiable.\r\nAbout the Role\r\nAs a Software Engineer, Security Infrastructure, you will not just maintain a security checklist; you will define the posture, architecture, and practices that keep our products and infrastructure secure in the most demanding environments.\r\nYou will be both hands-on and strategic, building controls, automating compliance, and owning SIFT's security posture end-to-end, with technical security engineering as the primary focus. You will set the standard for how we protect our systems and data, ensuring resilience against modern threats while partnering with external compliance specialists to meet the requirements of aerospace, defense, and enterprise sectors.\r\nIn This Role, You'll:\r\nBuild and maintain tooling, scripts, services, and automation that assess, enforce, and monitor security and compliance controls across our AWS cloud environments, Kubernetes clusters, and CI/CD pipelines.\r\nDevelop lightweight internal solutions (e.g., policy-as-code, custom scanners, CI/CD integrations) that make security and compliance automatic, auditable, and invisible to the rest of engineering.\r\nEmbed security guardrails directly into infrastructure-as-code (Terraform), container orchestration, and deployment workflows so that secure-by-default becomes the path of least resistance.\r\nPartner closely with the infrastructure and platform engineering teams to harden cloud-native systems, implement access controls, encryption, logging/monitoring, and vulnerability management at scale.\r\nImprove visibility into our overall security posture through automated reporting, dashboards, and real-time observability that highlight risks and control coverage.\r\nTranslate compliance requirements (SOC 2, FedRAMP, and related frameworks) into pragmatic, enforceable technical implementations rather than manual checklists.\r\nReduce toil by automating security workflows, compliance validation, and remediation so engineering can ship fast without compromising security.\r\nSupport incident response and post-incident improvements by building better observability and tooling that accelerates detection and recovery.\r\nConduct security reviews of new features, services, and infrastructure changes, providing clear guidance that helps teams design and implement secure solutions.\r\nThe Skillset You'll Bring\r\nTechnical Skills\r\n4–7+ years of hands-on experience in security engineering, platform/DevSecOps, or cloud infrastructure roles (founding or early-stage security builder experience strongly preferred).\r\nProven track record shipping production-grade security automation in cloud-native environments (AWS strongly preferred) — not just documenting or managing compliance programs.\r\nDeep familiarity with implementing technical controls for SOC 2, FedRAMP, or similar frameworks in real production systems.\r\nStrong proficiency in scripting and automation (Python, Go, Bash, or similar) and a bias toward building custom tooling over relying solely on off-the-shelf products.\r\nHands-on experience with Infrastructure as Code (Terraform or equivalent), containerized environments (Kubernetes), and CI/CD systems — and how to embed security directly into them.\r\nWorking knowledge across core security domains\r\nAccess control, identity management, and least-privilege enforcement\r\nLogging, monitoring, auditing, and security observability\r\nEncryption, key management, and secrets handling\r\nVulnerability scanning, policy-as-code, and continuous compliance\r\nIncident response and change management\r\nAbility to quickly assess system state, identify meaningful gaps, and deliver pragmatic, high-impact solutions in a fast-moving environment.\r\nComfort operating as a founding security engineer: you thrive in ambiguity, own standards end-to-end, and focus on enabling velocity while raising the security bar.\r\nStrong problem-solving skills with a builder mindset — you enjoy making complex security requirements disappear into clean, automated systems that engineering teams actually love to use.\r\nLocation\r\nSIFT's headquarters is in Marina Del Rey, CA (Next to LAX). We collaborate in person twice a week—on Mondays and Thursdays—and come together for a full week every two months. We are open to relocating candidates to LA or working from our San Francisco office for the right candidate.\r\nSalary range: $170,000 - $220,000 per year. Plus equity and benefits.\r\nEligibility\r\nU.S. Person Required : Must be a U.S. citizen, lawful permanent resident, or protected individual such as an asylee or refugee in compliance with ITAR (International Traffic in Arms Regulations) / EAR (Export Administration Regulations) regulations.\r\nJ-18808-Ljbffr","datePosted":"2026-07-04T02:16:27.662Z","dateModified":"2026-07-04T02:16:27.662Z","hiringOrganization":{"@type":"Organization","name":"Sift Stack","sameAs":"https://jobsearcher.com"},"jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"California","addressRegion":"MO","addressCountry":"US"}},"identifier":{"@type":"PropertyValue","name":"JobSearcher","value":"c324709a9bd454b9e1beba8d"},"url":"https://jobsearcher.com/jobs/c324709a9bd454b9e1beba8d"}}