[Remote] Principal Security Engineer, Infrastructure Security
Note: The job is a remote job and is open to candidates in USA. Upstart is a leading AI lending marketplace focused on reducing the cost and complexity of borrowing for Americans. They are seeking a Principal Security Engineer to define and drive the technical strategy for securing Upstart's production infrastructure and developer platforms, collaborating with various teams to reduce risk and enhance security practices.ResponsibilitiesDefine and drive Upstart’s infrastructure security strategy, aligning secure-by-default principles with business priorities, regulatory expectations, and Upstart’s cloud-native engineering roadmapOwn the security roadmap for cloud, platform, compute, and deployment environments, partnering with infrastructure, platform, SRE, and product engineering leaders to reduce risk across multiple organizationsLead security architecture reviews for critical infrastructure initiatives, influencing technical decisions in areas such as cloud IAM, Kubernetes, container security, network segmentation, secrets management, CI/CD, and infrastructure-as-codeIdentify and reduce systemic infrastructure security risks by designing durable preventative controls, guardrails, and automation that improve security outcomes across engineering teamsEstablish standards and patterns for production access, service identity, workload trust, infrastructure hardening, vulnerability management, and secure operational practicesPartner with engineering teams to improve the security of AI-assisted developer workflows and GenAI-enabled systems, including agentic tooling, coding assistants, and internal AI integrations that interact with production or sensitive environmentsServe as a senior technical authority during high-severity security or production incidents, driving root cause analysis, risk-based prioritization, and long-term architectural improvementsElevate infrastructure security maturity across Upstart by mentoring engineers, influencing senior stakeholders through clear risk communication, and helping teams build secure systems with less frictionSkills8+ years of experience in security engineering, infrastructure engineering, software engineering, or a related technical role4+ years of experience focused on infrastructure, cloud, platform, or production securityExperience securing cloud-native infrastructure in AWS or a similar cloud environmentExperience with multiple infrastructure security domains, such as cloud IAM, Kubernetes or container security, network security, secrets management, infrastructure-as-code, CI/CD security, production access, or vulnerability managementExperience writing code or automation in Python, Go, Java, Ruby, or a similar programming languageExperience leading security architecture reviews or technical risk assessments for complex production systemsExperience designing and implementing preventative security controls, guardrails, or platform-level security solutions used by multiple engineering teamsExperience leading cross-functional security initiatives with infrastructure, platform, SRE, product engineering, risk, compliance, or audit stakeholders10+ years of experience spanning security engineering, infrastructure engineering, software engineering, or cloud platform engineeringExperience owning a security roadmap for a technical domain that spans multiple teams or organizationsExperience with Kubernetes security, service-to-service trust models, workload identity, runtime security, or cloud-native network controlsExperience improving cloud security posture management, hardening baselines, drift detection, or infrastructure vulnerability management programsExperience building or scaling infrastructure security programs, including defining metrics, maturity models, and risk-based prioritization frameworksFamiliarity with security considerations for AI-assisted engineering workflows, including code generation, code review tooling, agentic automation, and sensitive data exposure risksExperience partnering with Legal, Risk, Compliance, or Audit teams to operationalize security controls in a regulated environmentSecurity certifications such as AWS Security Specialty, GCP Professional Cloud Security Engineer, CISSP, CCSP, or equivalent practical expertiseBenefitsTarget bonusesEquity compensationGenerous benefits packages (including medical, dental, vision, and 401k)Competitive compensation, including base pay, bonus opportunities, and annual equity grants that vest quarterlyRetirement benefits to help you plan for the future, including a 401(k) or Group Retirement Savings Plan with a company match of $2 for every $1 contributed, up to $15,000 annually (USD in the US, CAD in Canada)Employee Stock Purchase Plan (ESPP) with discounted stock purchase options for eligible employees (US only)Comprehensive health coverage designed to support you and your family, including medical, dental, vision, and wellness resources for US and supplemental health coverage for Canada.Health Savings Account contributions from Upstart for eligible plans (US only)Income protection benefits, including life insurance and disability coverage for added financial securityPaid time off, sick leave, and company holidays, in line with local requirementsPaid family and parental leave to support caregiving and major life moments (duration varies by country)Family-centered benefits to support fertility, parenthood, and caregiving needsEmployee Assistance Program (EAP) offering mental health support and life-centered resourcesFinancial wellness resources, including access to financial planning tools and a financial concierge service (US Only)Annual wellness allowance to support your physical and emotional well-being and personal development, based on what matters most to youAnnual productivity allowance to invest in relevant tools and resources you need to do your best work, no matter where you work fromConnection and community through team events, all-company updates, and employee resource groups (ERGs)Onsite perks, including catered lunches and fully stocked micro-kitchens when working from one of our offices in the Bay Area, Austin, Columbus, and New York City (opening Summer 2026!)Company OverviewUpstart is a leading AI lending marketplace partnering with banks and credit unions to expand access to affordable credit. It was founded in 2012, and is headquartered in San Mateo, California, USA, with a workforce of 1001-5000 employees. Its website is https://upstart.com/about.