Infrastructure Security Engineer

QIT Software is looking for a scrappy, security-focused Infrastructure Engineer to join a fast-growing AI video platform. You'll be responsible for "Security by Design" across the core platform - ensuring AWS-based infrastructure, Kubernetes clusters, and data stores are resilient against evolving threats while maintaining the high performance required for real-time AI video generation at scale.

Details:

• Schedule: Full-time, remote
• Client: USA
• Duration: long-term
• Tech stack: Python, AWS, Kubernetes, Terraform or equivalent IaC tooling, etc.
• Timezone: 8 hours through PST

Requirements

• 3+ years of professional experience in infrastructure security, SRE, or DevOps
• Hands-on experience securing AWS services and managing containerized workloads in Kubernetes (EKS)
• Proficiency in Python for automation and tool development
• Strong experience with Terraform or equivalent IaC tooling
• Working knowledge of CI/CD pipeline security, container image scanning, and supply chain integrity
• Experience with monitoring and alerting tools (Prometheus, ELK Stack, Datadog, Grafana, or AWS CloudWatch)
• Strong written communication -- you'll need to document runbooks, findings, and remediation plans clearly
• Ability to thrive in a fast-paced, high-autonomy environment where priorities shift rapidly
• Business-level English (written and spoken)

Responsibilities

• Design and implement security controls across AWS cloud infrastructure (VPCs, IAM, Security Groups) and Kubernetes (EKS) environments. Enforce least-privilege access, network segmentation, and runtime security policies
• Own the end-to-end vulnerability management lifecycle -- scanning, prioritization, remediation, and verification. Upgrade dependencies across services and build automation to keep them current
• Embed security into the development lifecycle -- container image scanning, software composition analysis (SCA), and automated security gates in CI/CD pipelines. Ensure third-party dependencies and base images meet security standards before reaching production
• Use Terraform or equivalent IaC tooling to provision and manage infrastructure with security checks automated directly in the deployment pipeline. Reduce manual toil through scripting and tooling in Python
• Build and maintain detection rules, alerting pipelines, and monitoring dashboards for real-time visibility across infrastructure. Lead technical response to security incidents with root cause analysis, remediation, and documented runbooks
• Secure data pipelines handling user-uploaded media, AI model assets, and generated content -- access controls, encryption at rest/in transit, backup integrity, and audit logging
• Support and advance SOC 2, ISO 27001, and commitments by automating evidence collection, maintaining security policies, and preparing for audits
• Define and test backup and recovery procedures ensuring the platform meets defined RTO/RPO targets. Contribute to business continuity planning with a focus on security implications during failure and restoration scenarios--

Work conditions

• The ability to work remotely from anywhere in the world;
• Flexible work schedule, no micromanagement, no strict deadlines and free overtime work;
• Work in European and American products with a modern technology stack in different industries (Finance, Technology, Health, Construction, Media, etc.);
• Revision of wages every year or on an individual basis;
• Accounting support and full payment of taxes by the company;
• 100% compensation for remote English lessons;
• 15 paid leaves (PTO) and public holidays.