Infrastructure & Security Engineer

CivilGrid is a venture-backed SaaS construction tech company building the 'Google Maps for the Underground.' They are seeking an Infrastructure & Security Engineer to own their cloud platform, reliability, and security posture as they scale into large utilities and civil engineering firms.

Responsibilities:

• Own our AWS environment end to end: VPC architecture, ECS, RDS, secrets management, IAM, networking, and cost optimization
• Define and improve reliability practices: SLOs, observability, alerting, on-call rotation, runbooks, and blameless post-incident reviews
• Lead incident response for both reliability and security events, from detection through resolution and follow-up
• Define and enforce policies for identity, secrets, data handling, and production access across the company
• Partner with engineering to embed reliability and security into the SDLC and infrastructure decisions
• Run our security program: SOC 2 readiness and audits, vendor reviews, access controls, endpoint security, and threat modeling

Requirements:

• 4+ years of experience across DevOps, SRE, platform, or security engineering, with hands-on ownership of production AWS infrastructure
• Deep working knowledge of AWS (VPC, ECS, RDS, IAM, Secrets Manager, CloudWatch) and infrastructure-as-code (Terraform, CDK, or equivalent)
• Track record of improving reliability in production: defining SLOs, building observability, running on-call, and leading post-incident reviews
• Experience running or supporting a SOC 2 program, including evidence collection, control design, and auditor coordination
• Startup ready: autonomous, moves fast, takes initiative without being asked
• Strong verbal and written communication, able to articulate ideas clearly and collaborate effectively
• Bonus: experience supporting B2B products sold into regulated industries (utilities, energy, public sector)