Key skills
AIMLAWSGCPIAMCI/CDCommunicationCloud Security
About this role
Baseten is a rapidly growing company that powers mission-critical inference for leading AI firms. They are seeking a proactive Security Engineer to enhance the security posture of their ML infrastructure platform, collaborating with engineering and operations teams to implement secure systems and manage sensitive data.
Responsibilities:
- Security architecture and design: Collaborate with engineering teams to design and implement secure systems and infrastructure, including cloud (AWS/GCP) environments and container orchestration platforms
- Vulnerability management: Lead proactive vulnerability assessments, pen tests, and remediation efforts to ensure our products and infrastructure remain secure
- Incident response: Develop and maintain incident response processes, including detection, analysis, containment, eradication, and post-incident reviews
- Identity and access management (IAM): Oversee IAM strategies and tools to ensure the right people have the right level of access to our systems and data
- Security compliance and audits: Work closely with operations to ensure compliance with relevant standards (e.g., SOC 2, ISO 27001) and assist with audits, policy creation, and risk assessments
- Employee security training: Develop and deliver security training programs and documentation to keep our team informed about best practices, social engineering threats, and secure coding standards
- DevSecOps integration: Partner with DevOps teams to embed security into the CI/CD pipeline, automating security checks and fostering a culture of 'security as code.'
Requirements:
- 3+ years of experience in a Security Engineer or similar security-focused role, preferably in a fast-paced startup environment
- Strong knowledge of cloud security (AWS/GCP), container security, and infrastructure-as-code best practices
- Hands-on experience with security tooling (SIEM, IDS/IPS, vulnerability scanners) and scripting languages to automate security tasks
- Familiarity with compliance frameworks such as SOC 2, ISO 27001, and GDPR, and the ability to translate requirements into actionable security controls
- Incident response expertise, including forensic analysis and root cause investigation
- Excellent communication skills and the ability to collaborate with cross-functional teams to promote a security-first culture