Security Engineer

About Us: At Fireworks, we’re building the future of generative AI infrastructure. Our platform delivers the highest-quality models with the fastest and most scalable inference in the industry. We’ve been independently benchmarked as the leader in LLM inference speed and are driving cutting-edge innovation through projects like our own function calling and multimodal models. Fireworks is a Series C company valued at $4 billion and backed by top investors including Benchmark, Sequoia, Lightspeed, Index, and Evantic. We’re an ambitious, collaborative team of builders, founded by veterans of Meta PyTorch and Google Vertex AI. The Role: Security is the foundation of trust in AI systems. As the Security Engineer at Fireworks AI, you will play a key role in designing, implementing and operating security controls across AI infrastructure, AI platforms and internal systems. You will work closely with the multiple teams to strengthen our security posture and support our rapid growth. As more organizations rely on large language models and cloud-native AI services, ensuring the confidentiality, integrity, and availability of data, models, and infrastructure is paramount. This role plays a critical part in building that trust by designing and embedding security across layers of our technology stack. Key Responsibilities: Design and build security-focused software and platform capabilities to protect customer data, models, and services across our multi-cloud infrastructure, including encryption, identity and access management, secure API gateways, secure model execution, and sandboxing strategies. Perform security reviews of cloud-native architectures—including Kubernetes clusters, multi-cloud workloads, and distributed data stores—and build integrated systems for continuous security monitoring, anomaly detection, and automated response. Embed security into CI/CD pipelines using a DevSecOps approach, implementing automated scanning, policy enforcement, and secure-by-default build and deployment workflows. Apply a build-over-buy philosophy by designing and developing in-house security tooling and automation where it provides better control, scalability, and integration than off-the-shelf solutions. Build and operate a comprehensive vulnerability management program, partnering with various teams to remediate risks across applications, containers, cloud infrastructure, and dependencies. Operate and continuously improve security operations, including detection engineering, alert triage, incident response, and continuous improvement through post-incident reviews. Participate in red/blue team exercises, tabletop simulations, and post-incident root cause analysis to strengthen security resilience. Embed compliance and regulatory controls into infrastructure and product layers (e.g., SOC 2, ISO 27001, ISO42001, HIPAA, PCI-DSS, GDPR). Minimum qualifications: 3 to 7 years of experience in software engineering or security engineering with a strong focus on security, infrastructure, or cloud-native systems. Proficient in Python and/or Go with experience in designing production-grade systems. Strong understanding of cloud-native architectures using GCP, particularly in the area of network segregation, authentication, authorization, encryption, data protection, intrusion detection, and cloud-specific security benchmarks. Hands-on experience with Kubernetes, Docker, and containerized production environments; deep knowledge of Kubernetes internals and native security controls is a strong plus. Familiarity with security tooling in managed CI/CD environments (e.g., GitHub Actions, Harness, CircleCI). Solid experience working in Linux environments, including system administration, debugging, and automation via command-line tooling. Familiarity with modern identity and access controls (SAML, OAuth, OIDC, SSO, RBAC/ABAC). Preferred qualifications: Experience designing secure multi-cloud deployments and zero-trust architectures. Experien ... (truncated, view full listing at source)