Company Description
Open Innovation AI is a global technology company that specializes in developing advanced solutions for managing AI workloads. Its flagship product, the Open Innovation Cluster Manager (OICM), orchestrates complex AI tasks efficiently across diverse infrastructures. The platform is hardware-agnostic, optimized for various GPUs and accelerator hardware, and facilitates seamless integration and scalability for enterprise AI applications. Open Innovation AI focuses on optimizing and simplifying AI workload management and making AI technologies accessible to organizations of all sizes. With its innovative solutions, companies can reduce operational costs, accelerate time to value, and maximize their return on investment, ensuring that their AI strategies contribute directly to enhanced business outcomes.
Role Overview:
We are seeking an experienced Security Engineer to lead the implementation of security controls across our platform, deployed within customer on-premises data centers and cloud environments.
Roles and Responsibilities:
- Design and maintain end-to-end security architecture across applications, Linux, Kubernetes, containerized workloads, storage, network, and compute for hybrid/on-prem/HPC environments.
- Deploy, configure, and maintain network security controls including Palo Alto NGFW with sandboxing, F5 load balancers, and NetScout DDoS protection appliances to secure platform services, data flows, and AI/ML workload ingress/egress.
- Implement and operate encryption and key-management technologies including Thales HSM/CTM, key vaults, and network encryptors, ensuring proper key lifecycle management and secure integration with Kubernetes runtime, storage, and ML pipelines.
- Manage identity, access, and privileged-access controls by operating Teleport PAM, enforcing RBAC across Kubernetes and host systems, and ensuring least-privilege access to GPU clusters, model storage, and infrastructure components.
- Deploy and maintain Cybereason EDR and host-level security baselines for Linux, Windows, GPU servers, and Kubernetes nodes, enforcing runtime protection and system hardening for AI/ML training and inference workloads.
- Lead vulnerability scanning and remediation workflows using Tenable.cs and related tools, covering Kubernetes clusters, GPU nodes, container images, and supporting infrastructure, ensuring timely resolution of high-impact CVEs.
- Ensure secure deployment and operational readiness of AI/ML environments by applying security baselines, validating Kubernetes controls, and coordinating with Security Architecture, DevOps, Platform, and ML Engineering teams to maintain a consistent security posture across hybrid and sovereign infrastructures.
Required Qualification, Experience, Competence and Certifications
- Bachelor’s degree in Computer Science, Information Security, or a related field.
- 5–8 years of practical security engineering experience implementing and operating security controls in hybrid or on-prem environments supporting distributed or Kubernetes-based platforms.
- Strong hands-on expertise with network and infrastructure security technologies, including Palo Alto NGFW, Cisco data center switches, DDoS protection systems, load balancers, and network encryption appliances.
- Practical experience implementing endpoint, identity, and key management technologies including EDR, PAM, HSM/KMS, MS PKI, and certificate/credential lifecycle controls.
- Deep understanding of vulnerability management, CVE/CVSS scoring, remediation practices, and securing containerized or GPU-accelerated workloads.
- Hands-on experience with Kubernetes (on-prem or EKS), container runtimes, and secure configuration practices including RBAC, network policies, secrets encryption, and admission policies.
- Proficiency in Linux/Windows security hardening, infrastructure baseline configuration, and operational maintenance for high-performance and AI/ML environments.
- Experience working in compliance-driven or regulated environments, with strong communication and cross-team collaboration skills.