AllSpice
Director of Infrastructure
4mo ago
USADirectorRemoteterraformci/cdinfrastructuresecuritycompliance
Ownership of infrastructure strategy, security posture, and compliance at a fast-growing startup, combining hands-on leadership and individual contribution.
Responsibilities
- This is a high-impact role that comes with significant autonomy and requires a self-driven, strategic, and collaborative leader. You will own our infrastructure, security, and compliance programs end-to-end.
Conditions
- Opportunity to make a large impact at an executive level
- Supportive and smart colleagues
- Flexible work
- Competitive salary and equity
- Health, dental, and vision benefits
- Generous PTO
- Home office stipend
- Relocation package
Other
- Help define the future of hardware development by building a collaboration platform for circuit designs, enabling the next generation of smart vehicles, IoT devices, rockets, medical devices, robotics, and much more.
- At AllSpice, we're building the agile development environment for hardware designers, including a Git-friendly translation layer and automated CI/CD framework for native circuit designs, think GitHub/GitLab + Copilot for electronics.
- Read more about our latest Series A announcement here !
- As Director of Infrastructure, you will own AllSpice's infrastructure strategy, security posture, and compliance programs while building and leading a small, high-impact team. This is a hands-on leadership role: roughly 60% management and strategic work, 40% individual contribution, reporting to the CTO. With the team at 1–2 people for the next 12 months, you need to be equally comfortable drafting a Terraform module and presenting a security review to an enterprise customer's CISO.
- If you are passionate about building secure, scalable infrastructure and want executive-level ownership at a fast-growing startup, this role is for you.
- Own AllSpice's security posture: policies, incident response, disaster recovery, and ongoing risk assessment
- Maintain SOC 2 compliance, penetration testing, and audit processes; evaluate additional security certifications as needed
- Make architectural decisions on infrastructure direction, including cloud strategy, cost optimization, high availability, and scaling
- Work with legal counsel on security and data-protection matters, including DPAs, breach notification obligations, and regulatory requirements
- Partner with customer success and sales to support enterprise deployments, IT security reviews, and SSO/OIDC integrations
- Serve as the primary technical point of contact for customer InfoSec questionnaires and procurement processes
- Support self-hosted and GovCloud deployments for customers with ITAR, EAR, or CUI requirements
- Hire, mentor, and manage infrastructure engineers as the team grows
- Set team goals, define processes, and establish on-call rotations
- Participate in the on-call rotation and lead incident response when needed
- Create growth paths for ICs and foster a culture of operational excellence
- Architect and maintain production AWS environments using Terraform and infrastructure-as-code
- Automate deployments, backups, and disaster recovery across cloud and self-hosted configurations
- Monitor and improve performance, availability, and cost efficiency of production systems
- Work closely with application developers to deploy infrastructure solutions to product problems
- Scale infrastructure for zero-downtime deployments across multi-region AWS accounts
- Plan and evaluate horizontal scaling strategies for compute runtime to support growing workloads and concurrent users
- Drive SOC 2 Type II renewals and maintain ongoing compliance cadence
- Stress-test backup and disaster recovery procedures and publish runbooks
- Identify opportunities to reduce cloud spend while improving performance
- Coordinate tabletop exercises and incident response drills with the Security Incident Response Team
- Lead an enterprise customer through a self-hosted deployment, including architecture review, SSO integration, and security sign-off
- Terraform & Docker Swarm deployed to AWS for production infrastructure
- Grafana, Loki, and Prometheus for observability
- GitHub Actions for CI/CD
- Playwright for e2e testing
- Gitea application fork Go [server-side]
- PostgreSQL
- Our ideal candidate has:
- 8+ years of cloud infrastructure and/or security engineering experience
- 2+ years of people management experience (hiring, mentoring, performance management)
- Deep hands-on expertise with AWS services (IAM, GuardDuty, VPC, Lambda, etc.), Linux administration, and Docker
- Demonstrated ownership of security policy, compliance programs (SOC 2, ISO 27001), and incident response
- Experience coordinating with legal counsel, customer-facing teams, and executive leadership on security and compliance matters
- Strong project management skills with ability to lead cross-functional initiatives from engineers to customers
- Comfort with ambiguity and a high degree of autonomy
- Bachelor's degree or higher in a technology-related field
- Must be a U.S. Citizen or Lawful Permanent Resident (Green Card holder)
- (preference, not required) Availability to work out of our flex offices in San Francisco or Boston 1–2 days per week
- You don't need to check every box, but the more of these you bring, the better:
- Terraform and infrastructure-as-code at scale
- AWS services (IAM, GuardDuty, Elasticsearch, ElastiCache, Lambda) and experience with other cloud providers (GCP, Azure)
- Docker and Kubernetes
- Bash and Python scripting
- nginx and reverse-proxy services
- PostgreSQL administration
- SOC 2, ISO 27001, and other security certification frameworks
- ITAR/EAR/CUI compliance and GovCloud deployments
- SSO, OIDC, LDAP, and enterprise authentication
- Vulnerability scanning, penetration testing coordination, and vendor security reviews
- Hiring, mentoring, and building infrastructure teams from the ground up
- Working with legal counsel on data protection, DPAs, and regulatory matters
- Customer-facing technical communication (InfoSec reviews, enterprise onboarding)
- Project management using tools such as Jira, Notion, or similar