Staff Security Engineer, Infrastructure

Fal is seeking a Staff Security Engineer to secure the core systems powering fal.ai's platform, including GPU compute, multi-cloud environments, networking, and data pipelines. This hands-on role operates across the full stack, from cloud and Kubernetes to identity, networking, and secrets, designing and implementing security controls that scale with a high-performance AI platform. The position sits at the intersection of security, infrastructure, and distributed systems.

Key responsibilities include designing and implementing security controls across cloud infrastructure, Kubernetes and containerized workloads, networking, service meshes, edge systems, CI/CD pipelines, and secure compute environments for GPU workloads. The role also involves managing machine identity and workload authentication, secrets management and encryption, enforcing least-privilege access, implementing Zero Trust principles, protecting model weights and customer data, building security guardrails into infrastructure and CI/CD, and continuously identifying and remediating security gaps through automation.

The ideal candidate has over 8 years of experience in security engineering, infrastructure, or SRE, with a strong understanding of cloud security (AWS, GCP, or Azure), networking fundamentals, Linux systems, and container security. Deep knowledge of authentication and authorization systems, secrets management, cryptography basics, and common vulnerabilities is essential. Proficiency in at least one programming language (Go, Python, or similar) and experience with Infrastructure-as-Code tools like Terraform are also required.

Fal offers a competitive salary and equity package, along with full health, dental, and vision coverage. This role provides the opportunity to work on cutting-edge AI infrastructure security, secure GPU clusters, model execution, and real-time inference systems, with high ownership and direct impact on developer trust and platform reliability.

Joining fal means contributing to defining security for the next generation of AI infrastructure, where performance, scale, and safety are paramount. The company emphasizes a secure-by-default philosophy, enabling developers without blocking them, automating processes, and designing for resilience.