Member of Technical Staff - Security

OVERVIEW BUILDING OPEN SUPERINTELLIGENCE INFRASTRUCTURE Prime Intellect is building the open superintelligence stack - from frontier agentic models to the infra that enables anyone to create, train, and deploy them. We aggregate and orchestrate global compute into a single control plane and pair it with the full RL post-training stack: environments, secure sandboxes, verifiable evals, and our async RL trainer. We enable researchers, startups and enterprises to run end-to-end reinforcement learning at frontier scale, adapting models to real tools, workflows, and deployment contexts. We recently raised $15mm in funding (total of $20mm raised) led by Founders Fund, with participation from Menlo Ventures and prominent angels including Andrej Karpathy (Eureka AI, Tesla, OpenAI), Tri Dao (Chief Scientific Officer of Together AI), Dylan Patel (SemiAnalysis), Clem Delangue (Huggingface), Emad Mostaque (Stability AI) and many others. ROLE IMPACT Security is the single highest-stakes function at Prime Intellect. Our customers — from frontier AI labs to enterprises — trust us with their most valuable assets: proprietary models, training data, and the compute that powers them. This role owns the security posture of everything we ship: the hosted RL training platform, distributed GPU infrastructure, liquid compute marketplace, and all customer-facing surfaces. You'll be the first dedicated security hire and will define how we think about security as a company — from threat modeling and secure architecture to incident response and compliance. You'll work directly with engineering, research, and leadership to embed security into every layer of the stack, and you'll manage relationships with external penetration testers and security auditors to continuously validate our defenses. CORE TECHNICAL RESPONSIBILITIES PREVENTIVE SECURITY & SECURE ARCHITECTURE - Own threat modeling across our entire surface area: multi-tenant training infrastructure, sandboxed execution environments, API surfaces, and internal tooling - Design and implement zero-trust networking, identity, and access control across distributed GPU clusters and cloud infrastructure - Build secure-by-default patterns for our platform engineers — auth, secrets management, supply chain integrity, container hardening - Architect tenant isolation and data boundary enforcement for hosted RL training workloads (customers run arbitrary code in our environments) AI-NATIVE SECURITY - Develop security frameworks specific to AI infrastructure: model weight protection, training data isolation, checkpoint integrity, gradient privacy - Secure the RL training loop end-to-end — from environment execution in sandboxes to reward signal verification and model artifact storage - Build detection and prevention for AI-specific attack vectors: prompt injection across agentic pipelines, model exfiltration, adversarial environment manipulation OFFENSIVE SECURITY & EXTERNAL ENGAGEMENTS - Scope, manage, and run point on external penetration tests across our platform, hosted training infrastructure, and liquid compute layer - Build and maintain an internal red-teaming practice — automated and manual — targeting our most critical systems - Drive vulnerability management: triage, remediation SLAs, and root cause analysis DETECTION, RESPONSE & OBSERVABILITY - Build security monitoring and alerting across infrastructure (distributed clusters, Kubernetes, cloud) and application layers - Implement runtime security for containerized training workloads and sandboxed environments - Own incident response — build the playbooks, run the drills, lead the post-mortems - Design audit logging and forensic capability across all customer-facing systems COMPLIANCE & CUSTOMER TRUST - Drive SOC 2 Type II readiness and other compliance frameworks required by enterprise customers - Own the security narrative for customer-facing materials — questionnaires, architecture reviews, trust documentation - Partner with GTM to unblock enterprise deals that depend on security posture TECHNICAL REQUIREMENTS - 5+ years in security engineering, infrastructure security, or offensive security roles — ideally at companies operating multi-tenant cloud or compute infrastructure - Deep experience with cloud security (GCP preferred), Kubernetes security, and container runtime hardening - Hands-on ability to read, write, and audit code in Python and Rust (or strong systems-level language) - Experience with network security in distributed systems — service mesh, mTLS, network segmentation across heterogeneous hardware - Proven track record managing external penetration tests and translating findings into engineering action - Strong fundamentals in cryptography, identity/access management, and secure software development lifecycle NICE TO HAVE - Experience securing GPU infrastructure or ML training pipelines - Background in offensive security