Key skills
Cloud platform securityMulti-cloud network securityCloud agnostic system designContainer securityOrchestration securityAuthenticationauthorizationInternet security fundamentalsWeb security fundamentalsWeb Application Firewall (WAF)TLSPublic Key Infrastructure (PKI)DNS securityGo programmingInfrastructure as CodeTerraformAnsibleInfrastructure securitySecurity operationsThreat modelingDigital forensicsIncident responseOperating system internalsOperating system security mechanismsNetworking protocolsSecurity incident managementgiveprocess constructive feedbackGoAWSKubernetesCI/CDWAF
About this role
Tailscale is building innovative software to securely interconnect people and their devices. They are seeking a Security Infrastructure Engineer to enhance product security by designing security controls, auditing infrastructure, and supporting engineering decisions with security expertise.
Responsibilities:
- Design and build security controls across diverse layers (e.g., cloud platforms, OS, Kubernetes, networks, CI/CD) to defend against sophisticated adversaries and insider threats
- Improve the security properties of Tailscale by identifying opportunities for security and privacy features, bug fixes, defense-in-depth, and implementing them across our codebase
- Audit Tailscale infrastructure for technical security weaknesses, identifying mitigations or solutions, and driving them towards resolution
- Support engineering decisions with threat modeling and security analysis and expertise
- You will spend 25-50% of your time in this role writing software vs purely operational or governance security responsibilities
Requirements:
- Expertise in the security of cloud platforms (e.g., AWS), especially securing multi-cloud networks and infrastructure, and designing cloud agnostic systems
- Familiarity with container security, orchestration security, and authentication/authorization
- Familiarity with internet/web security fundamentals: WAF's, TLS, PKI, DNS security, etc
- Proficiency developing in at least one programming language (Tailscale uses Go) and Infrastructure as Code tooling (e.g. Terraform, Ansible)
- Prior experience in a safety-related technical role, e.g.: infrastructure security, security operations, threat modeling and prioritization, digital forensics and incident response
- Knowledge of operating system internals and security mechanisms
- Knowledge of common networking protocols
- Act as a Subject Matter Expert during security incidents, focusing on infrastructure-level containment and remediation
- Ability to give and process constructive feedback
- Ability to work independently and collaboratively
- Flexibility to adjust to the dynamic nature of a startup
- Take a risk-based approach to building security controls, balancing your security expertise and broad technical skillsets with practical, usable solutions