Member of Technical Staff - Infrastructure Security
Generate a McCoy IQ challenge in 30 seconds.
See how candidates think and approach the work this role demands, before the phone screen. We'll build a video challenge from this posting, and you can edit or share it before it goes live.
Key details
Job Description
OUR MISSION
Reflection is a research lab making intelligence open and accessible for everyone to use, customize, and build on. We build open models that let anyone control their intelligence and help shape the future of AI. Our mission: make intelligence open and accessible to all.
ROLE OVERVIEW
Reflection.AI http://Reflection.AI is looking for a Member of Technical Staff - Infrastructure Security to secure our geographically diverse multi-cloud Kubernetes and cloud environments. In this role, you’ll be expected to jump head first into the hands-on engineering work of building infrastructure security controls from the ground up, outline a long term infrastructure security vision that ensures the security and integrity of our core technology, and define the roadmap that will fulfill your vision.
KEY RESPONSIBILITIES
- Audit and harden geographically disparate multi-cloud Kubernetes clusters
- Unify and harden authentication across Kubernetes clusters
- Design and implement centralized, auditable Kubernetes authorization policy enforcement
- Automate monitoring and benchmarking of Kube cluster security posture
- Develop defense-in-depth security boundaries around containerized workloads in Kubernetes clusters
- Build and deploy automated tooling to support incident detection & response for Kubernetes clusters and containerized workloads
REQUIRED QUALIFICATIONS
- Deep experience securing Kubernetes clusters and hardening containerized workloads
- Understanding of managed Kube cluster services such as GKE
- Comfort working with CI/CD systems such as ArgoCD
- Familiarity with Kubernetes orchestration systems such as Rancher and Helm
- Experience hardening artifact repositories to ensure secure build artifact provenance spanning image builds, storage, and deployment
- Comfort defining and implementing concrete security improvements based on nebulous or unclear security requirements
- Experience working with infrastructure-as-code systems such as Terraform or Pulumi
- Experience working with major cloud providers such as GCP, AWS, and/or Azure
- Experience working with neocloud GPU providers such as VoltagePark, GMI Cloud, Crusoe, Anyscale, Together.ai http://Together.ai, etc.
- Experience coding with Python or Golang
- Recent hands-on engineering experience
- Proven track record of building infrastructure security controls from 0 to 1
WHAT WE OFFER:
We believe that to make intelligence open and accessible to all, you need to start at the foundation. Joining Reflection means building from the ground up as part of a talent-dense team. You will help define our future as a company, and help define the future of open foundational models.
We want you to do the most impactful work of your career with the confidence that you and the people you care about most are supported.
- Top-tier compensation: Salary and equity structured to recognize and retain our talent globally.
- Stock options: Everyone who joins and contributes to Reflection's success gets to share in the upside through stock options.
- Health & wellness: Comprehensive medical, dental, vision, and life, with an annual wellness allowance.
- Meals: Lunch and dinner are provided in the office daily.
- Life & family: 22 weeks paid parental leave for all new birthing and non-birthing parents, including adoptive and surrogate journeys.
- Vacation days: Unlimited paid time off in the U.S. and 30 days in the U.K.
- Sponsorship support: We sponsor visas to help exceptional talent join our team and support long-term immigration pathways where applicable.
- Team building: We have regular off-sites, happy hours, and team celebrations.
Audit details(provenance, verification trail, raw fields)
Core fields
reflection-ai:f3374b9a-459c-48d2-81c6-72cc5d750050Provenance
reflectionaiVerification trail
This posting hasn't been probed by our closure verifier yet. Stream C runs on a rolling schedule against postings approaching the close-decision threshold.
LLM enrichment
See how we measure for definitions, or our corrections log for known issues. Found something wrong? Flag a correction.
