Principal Infrastructure Security Engineer

Remote

Company Overview

Unchained offers a suite of bitcoin financial services built on top of a unique collaborative custody model. These include: buying and selling bitcoin directly to and from cold storage, bitcoin retirement accounts, bitcoin-backed loans, concierge services to educate clients on best security practices, and cold storage solutions for institutions and other businesses.

Job Overview

The Principal Infrastructure Security Engineer plays a critical role in ensuring the security and integrity of the company’s IT infrastructure and systems. You will own the security architecture for all AWS and Kubernetes workloads, enforce least-privilege IAM roles and policies, embed guardrails through infrastructure-as-code, and lead the technical response to infrastructure threats. Working side-by-side with DevOps, SRE, and Platform teams, you’ll automate vulnerability management, integrate security checks into every CI/CD path, and continuously harden our cloud foundation. This hands-on role demands deep technical expertise, strategic vision, and the ability to mentor engineers while driving a secure-by-default culture across the organization.

What You Will Do

  • Design and implement security controls and best practices for AWS infrastructure
  • Collaborate with Infra teams to integrate security best practices into infrastructure-as-code (CloudFormation, Terraform)
  • Implement and manage vulnerability scanning and management processes for AWS infrastructure and Kubernetes clusters
  • Collaborate with DevOps teams to integrate security into CI/CD pipelines and automate security checks
  • Conduct security assessments and penetration testing of AWS infrastructure and Kubernetes clusters
  • Develop and maintain security policies, procedures, and guidelines for AWS and Kubernetes
  • Integrate and manage SSO solutions for secure, streamlined authentication to AWS and Kubernetes clusters
  • Develop and maintain hardened container images to enhance container security and minimize attack surface
  • Automate vulnerability management workflows by integrating security findings from platforms such as Wiz into actionable tickets and remediation processes
  • Monitor and respond to security incidents and alerts related to infrastructure security
  • Provide technical guidance and mentorship to junior team members
  • Stay current with the latest cloud security trends, threats, and best practices
  • Drive innovation and continuous improvement of infrastructure security processes and tools

Who You Are

  • You have 8+ years of experience in infrastructure security, with a focus on cloud security (AWS)
  • You have deep expertise in securing AWS services (EC2, S3, IAM, VPC, etc.) and Kubernetes
  • You have strong knowledge of infrastructure-as-code practices and tools (CloudFormation, Terraform)
  • You have experience with vulnerability scanning, management, and remediation in cloud environments
  • You are familiar with containerization and orchestration technologies (Docker, Kubernetes)
  • You have a solid understanding of security best practices for CI/CD pipelines and DevSecOps
  • You have excellent problem-solving and analytical skills
  • You have strong communication and collaboration abilities
  • You are able to lead and mentor junior team members
  • You are passionate about staying up-to-date with the latest cloud security technologies and best practices
  • You reside in the United States

Nice to Haves

  • You have a bachelor’s degree in Computer Science, Engineering, or a related field
  • You have relevant security certifications (CISSP, CISM, CCSP, or similar)
  • You are familiar with cloud security and DevSecOps practices
  • You have experience working in the Bitcoin space

What We Offer

  • Company paid medical, dental, and vision coverage
  • 401k with employer match
  • Employee stock options
  • Unlimited PTO
  • Training & development opportunities
  • Remote work flexibility