Staff Product Security Engineer
1y ago
USALeadpenetration testingai/ml securityinfrastructure security
Staff Product Security Engineer role focused on AI/ML security expertise to enhance security posture of applications and infrastructure.
Nice to have
- Public contributions to offensive security or AI security research (talks, blogs, tooling, CVEs, etc.)
- Experience building internal red team or adversary simulation programs
- Background in high-performance computing, AI infrastructure, or cloud-native platform security
- Experience designing policy-as-code frameworks at scale
Conditions
- Competitive compensation
- Restricted Stock Units
- Paid time off & paid holidays
- Comprehensive health, dental & vision insurance
- Employer contributions to HSA account
- Paid parental leave
- Paid life insurance, short-term and long-term disability
- Professional development & tuition reimbursement
- Mental health & wellness support
- Commuter benefits (parking & transit)
- Cell phone stipend
- 401(k) Retirement plan with company match up to 4% of salary
- Volunteer time off
- Compensation will be paid in the range of up to $250,000 - $285,000 + Bonus. Restricted Stock Units are included in all offers. Compensation to be determined by the applicants knowledge, education, and abilities, as well as internal equity and alignment with market data.
- Crusoe is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, disability, genetic information, pregnancy, citizenship, marital status, sex/gender, sexual preference/ orientation, gender identity, age, veteran status, national origin, or any other status protected by law or regulation.
Other
- Crusoe is on a mission to accelerate the abundance of energy and intelligence . As the only vertically integrated AI infrastructure company built from the ground up, we own and operate each layer of the stack — from electrons to tokens — to power the world's most ambitious AI workloads. When you join Crusoe, you join a team that is building the future, faster.
- We're in the midst of the greatest industrial revolution of our time. The demand for AI compute is boundless, and power is a bottleneck. We're solving that — with an energy-first approach that makes AI infrastructure better for the world and faster for the people innovating with AI.
- We're looking for problem-solving, opportunity-finding teammates with a sense of urgency, who believe in the scale of our ambition and thrive on a path not fully paved — people who want to grow their careers alongside a team of experts across energy, manufacturing, data center construction, and cloud services.
- If you want to do the most meaningful work of your career, help our customers and partners advance their AI strategies, and be part of a high-performing team that believes in each other, come build with us at Crusoe.
- We’re seeking a Staff Product Security Engineer with deep AI/ML security expertise to strengthen Crusoe’s security posture across applications, infrastructure, and distributed AI systems. This is a highly technical role focused on advanced penetration testing, AI/ML attack surface research, and building secure-by-design guardrails that engineering teams rely on.
- You’ll operate at the intersection of offensive security, AI systems, and production engineering; owning security outcomes end-to-end while influencing system design across the organization.
- Performing advanced manual penetration testing across complex applications, infrastructure, Kubernetes environments, and distributed microservice ecosystems
- Leading offensive security initiatives including red team operations, adversary simulation, and security research
- Securing AI/ML systems end-to-end, including LLM pipelines, vector databases, RAG architectures, and agentic workflows
- Identifying and researching novel attack surfaces unique to LLMs and autonomous systems, contributing to internal and external AI security research
- Influencing secure system design across the SDLC, embedding security into CI/CD pipelines, container images, and deployment workflows
- Integrating and operationalizing security tooling (SAST, DAST, SCA, container scanning) and driving remediation of complex application-layer vulnerabilities
- Building internal security guardrails such as hardened base images, reusable libraries, and policy-as-code frameworks
- Developing production-grade security tooling and leading cross-functional security programs from design through deployment
- 8-10 years of deep hands-on experience in offensive security, including manual penetration testing, red team operations, and adversary simulation
- Familiarity with modern C2 frameworks (e.g., Cobalt Strike, Sliver, Havoc), exploit development, and security research
- Strong expertise across the AI/ML stack, including MLOps, inference architectures, vector databases, RAG, and agentic frameworks (e.g., ReAct, Reflexion)
- Experience building, deploying, and securing LLM pipelines and AI workflows in Kubernetes and/or bare-metal environments
- Strong software engineering foundations with experience shipping production code in Go, Python, or Rust
- Hands-on experience securing Kubernetes, containers, VMs, and CI/CD environments
- Deep understanding of application security vulnerabilities, secure coding practices, and distributed system design
- Demonstrated ability to lead complex, cross-functional security initiatives end-to-end
- Strong communication skills with the ability to influence both engineering teams and executive stakeholders