Platform Security Engineer

The company

Nebius AI is an AIcentric public cloud platform specifically crafted to serve AI models for training and inference.

Our mission is to help ML practitioners concentrate on their core jobs while DevOps MLOps and infrastructurerelated tasks are handled by us. The idea is to build an MLspecific cloud platform covering the entire ML lifecycle from A to Z: from data preparation and labeling to ML training and inference.

We recognize the potential of ML and AI technologies and aim to provide our future users with the perfect environment to train and finetune their models. We are committed to delivering the best user experience and excellent customer support.

Four development hubs:
Nebius is headquartered in the Netherlands with hubs in Finland Serbia and Israel.

Data center in Europe:
Our own data center in Finland features server racks designed inhouse for MLspecific high load with powerefficient solutions including a freecooling system.

500 professionals:
Our mature team of engineers has a proven track record in developing sophisticated cloud and ML solutions and designing cuttingedge hardware.

The role

The Security Tooling Team within the Platform Security organization isresponsible for the strategic selection implementation management andoptimization of cybersecurity tools and technologies that improve securitycapabilities of the organizations platform. This team is instrumental infortifying the security posture proactively identifying and responding tosecurity threats ensuring the resilience and protection of critical datasystems and services.

Platform Security Engineers primary focus will be designing implementingand maintaining security measures to protect companys environments fromvarious threats.

In this position your responsibility will be to:

• Discover remediate and validate security issues across cloud infrastructure per industry standard information security policies.
• Collaborate with fellow engineers to devise effective solutions tailored to our specific needs.
• Design implement operate and maintain systems that improve the security of the company.
• Serve as a security subject matter expert to other teams.
• Facilitate threatmodeling sessions.

We expect you to have:

• 3 years of experience in the security field.
• 1 years of experience working with major or private cloud providers.
• Proficiency in a common programming language (such as Go or Python) with a willingness to learn Go if necessary.
• A fast learner who can pick up new ideas in software and security on the fly.
• Comfortable working independently.
• Good written and verbal communication skills in English.
• Experience with network host and application security practices.
• Solid general knowledge in distributed systems and Linux systems engineering.
• Understanding of modern cloud technology components and deployment patterns: virtual machines containers Kubernetes serverless infrastructure as code etc.

It would be an added bonus if you had:

• Confident in presenting your ideas and opinions in a manner that can be challenged while responding well to feedback.
• Experience with in threatmodeling techniques.
• Experience in exploiting vulnerabilities in web applications Linux kernels containers and networks.
• Experience in using and accessing security of Infrastructure as Code (Terraform).
• Experience with hardening Linux based systems (apparmor seccomp etc.).
• Experience with hardening Kubernetes.
• Relevant security certifications (CKS OSCP OSCE etc.).
• Experience in designing building and maintaining security automation.
• Experience in designing building and maintaining Identity Aware Proxies or Bastion hosts.
• Experience in translating compliance and regulation requirements into technical specifications.
• Experience in securing bare metal workloads.

Does all that sound like your kind of challenge Then join us!