Nebius is a Nasdaq-listed tech company that aims to become one of the world’s leading AI infrastructure providers. Headquartered in Amsterdam, we have R&D and commercial hubs across the US, Europe and Israel.

We build full-stack AI infrastructure to service the explosive growth of the global AI industry, including large-scale GPU clusters, cloud platforms and tools and services for developers. Our 500 employees include around 400 highly skilled engineers with a proven track record of developing world-class hardware and software solutions across cloud and AI/ML.

We are rapidly growing our infrastructure network with an ambitious investment program to build out data centers and colocations in the US and Europe. A Reference Platform NVIDIA Cloud Partner, Nebius’ AI-native cloud platform provides high-end infrastructure and tools for training, fine-tuning and inference.

Nebius is growing fast, and we’re always looking for the best talent to join our company. Along with highly competitive compensation and extensive opportunities for professional development, we offer a dynamic work environment where innovation, creativity and teamwork are highly prized and open up exciting new opportunities. As an equal opportunity employer, we are committed to fostering a diverse and inclusive workplace, where all applicants are given fair consideration and every team member is empowered to contribute to their fullest potential.

The Role

The Security Engineering Team within the Platform Security organization is responsible for the strategic selection, implementation, management, and optimization of cybersecurity tools and technologies that improve security capabilities of the organization’s platform. This team is instrumental in fortifying the security posture, proactively identifying and responding to security threats, ensuring the resilience and protection of critical data, systems, and services.

We are looking for an Infrastructure Security Engineer to secure our cloud and on-premises infrastructure by implementing security controls, monitoring threats, ensuring compliance with industry standards and respond to security incidents. The ideal candidate has a strong background in cloud security, Linux hardening, and network security.

In this position, your responsibility will be to

  • Design and implement security measures to protect cloud and on-premises infrastructure.

  • Identify and remediate vulnerabilities in cloud environments, networks, and operating systems.

  • Build and maintain cloud and infrastructure security tools.

  • Perform security reviews, threat modeling and risk assessments of infrastructure components.

  • Develop and maintain security guidelines for Network and SRE teams.

  • Collaborate with Network and SRE teams to integrate security best practices into their processes and systems.

  • Stay updated on the latest security threats, vulnerabilities, and mitigation techniques.

  • Serve as an network and infrastructure security subject matter expert to other teams.

We expect you to have

  • 4+ years of experience in network, infrastructure or cloud security.

  • Strong understanding of modern cloud architectures and deployment models (VMs, containers, serverless, Kubernetes).

  • Solid knowledge in networks, distributed systems and Linux systems engineering.

  • Hands-on experience with network, VPN and Linux security.

  • Understanding of Identity and Access Management (IAM) systems.

  • Experience with security automation tools and scripting (e.g. Python, Bash, Go, etc.) and willingness to learn Go, if necessary.

  • Experience in using and accessing security of Infrastructure as Code (Terraform).

  • Experience in hardening Linux based systems (apparmor, seccomp, etc.).

  • Experience in hardening Kubernetes.

  • Strong problem-solving and analytical skills.

  • Good written and verbal communication skills in English.

  • Willingness to learn new things.

  • Being comfortable working independently.

It would be an added bonus if you had

  • Proficiency in securing AWS, GCP, or Azure environments.

  • Experience in conducting threat-modeling sessions.

  • Experience in designing, building, and maintaining Identity Aware Proxies or Bastion hosts.

  • Experience in translating compliance and regulation requirements into technical specifications.

  • Experience in exploiting vulnerabilities in Linux kernel, VMs, containers, and networks.

  • Experience in securing bare metal workloads.

  • Security certifications such as OSCP or CKS.

What we offer

  • Competitive salary and comprehensive benefits package.
  • Opportunities for professional growth within Nebius.
  • Hybrid working arrangements.
  • A dynamic and collaborative work environment that values initiative and innovation.

We’re growing and expanding our products every day. If you’re up to the challenge and are excited about AI and ML as much as we are, join us!