Senior Security Engineer

Employment Type

About TensorWave

About The Role

• Weve established a hardened security baseline and are now scaling it into a mature, enterprise-grade security estate.
• Reporting directly to the CISO and partnering with leads across Engineering, Platform, and the business, youll be the technical linchpin who designs the architecture
• *and*
• writes the code that makes it real.
• This is a hybrid architect-builder role.
• Youll move between high-level design sessions on our next-gen GPU fabric and the editor where you ship the Go, Python, or Rust that secures our APIs, orchestration plane, and firmware stack.
• If you believe the best way to prove an architecture is to build it, this is your seat.
• ****What You’ll Do****
• Architect and build security across the stack. Partner with Core Architecture and DevOps on threat modeling, design reviews, and the automated guardrails that let engineering move fast without breaking the security promise.
• Harden the fabric, cradle to grave. Own hardware lifecycle security across our AMD Instinct clusters and high-speed fabrics (InfiniBand / RoCE). Build the code behind TPM 2.0 / Secure Boot, cryptographic attestation, and programmable trust.
• Lead our open firmware security commitment. Keep our OpenBMC, coreboot, and ROCm ecosystems continuously secure, auditable, and open. Design and implement the tooling that makes hardware management transparent by default.
• Engineer Zero-Trust IAM. Design and implement least-privilege automation across the management plane, with identity-based micro-segmentation wired into our orchestration engines.
• Make compliance push-button. Act as the CISOs right hand scaling SOC2 and ISO 27001. Replace manual evidence collection with continuous monitoring and "always-on" controls.
• Operate as a purple teamer. Think like an attacker, then ship the telemetry, detections, and hardening to close what you found.
• Evangelize Security-as-Code. Version-controlled policy, shift-left integration, self-healing infrastructure. Manual configuration is a vulnerability we dont accept.
• ****Who You Are****

Required Qualifications

• Deep experience securing High-Performance Computing or large GPU environments, including Linux internals and high-speed fabric isolation (InfiniBand / RoCE).
• Strong coding chops in Go, Python, or Rust you build functions that run themselves rather than dashboards that need to be watched.
• Hands-on with Infrastructure-as-Code (Terraform, Pulumi, Ansible) and Kubernetes at production scale.
• Working knowledge of hardware roots of trust: TPM 2.0, Secure Boot, measured boot, attestation.
• Familiarity with open firmware stacks (OpenBMC, coreboot) and the AMD / ROCm ecosystem is a strong plus.
• Proven track record building Zero-Trust architectures and driving SOC2 / ISO 27001 programs toward automation.
• Background in a fast-scaling startup or high-end security consultancy where you built things from scratch and then wrote the code to keep them secure.
• Architect-builder mindset: equally comfortable in a whiteboard session and a pull request review.
• ****What We Offer****
• Stock Options
• 100% paid Medical, Dental, and Vision insurance for Employees

• Company Health Savings Account Contributions

• 100% paid Short Term and Long Term Disability Insurance for Employees
• Life and Voluntary Supplemental Insurance Options
• Other Insurance Options, such as Pet & Legal Insurance
• Various Supplementary Health Benefits, such as discounted Virtual Healthcare Appointments and Serious Illness Support

• Flexible Spending Account

• 401(k)

• Employee Assistance Program

• Flexible PTO
• Paid Holidays
• Parental Leave

Equal Employment Opportunity

Reasonable Accommodations

Employment Eligibility

Background Checks

Data Privacy Notice

• By submitting an application, you acknowledge that TensorWave may collect, use, and retain your personal information for recruiting and employment-related purposes in accordance with applicable data privacy laws.
• ****What You’ll Do****
• Architect and build security across the stack. Partner with Core Architecture and DevOps on threat modeling, design reviews, and the automated guardrails that let engineering move fast without breaking the security promise.
• Harden the fabric, cradle to grave. Own hardware lifecycle security across our AMD Instinct clusters and high-speed fabrics (InfiniBand / RoCE). Build the code behind TPM 2.0 / Secure Boot, cryptographic attestation, and programmable trust.
• Lead our open firmware security commitment. Keep our OpenBMC, coreboot, and ROCm ecosystems continuously secure, auditable, and open. Design and implement the tooling that makes hardware management transparent by default.
• Engineer Zero-Trust IAM. Design and implement least-privilege automation across the management plane, with identity-based micro-segmentation wired into our orchestration engines.
• Make compliance push-button. Act as the CISOs right hand scaling SOC2 and ISO 27001. Replace manual evidence collection with continuous monitoring and "always-on" controls.
• Operate as a purple teamer. Think like an attacker, then ship the telemetry, detections, and hardening to close what you found.
• Evangelize Security-as-Code. Version-controlled policy, shift-left integration, self-healing infrastructure. Manual configuration is a vulnerability we dont accept.
• ****Required Qualifications****
• Deep experience securing High-Performance Computing or large GPU environments, including Linux internals and high-speed fabric isolation (InfiniBand / RoCE).
• Strong coding chops in Go, Python, or Rust you build functions that run themselves rather than dashboards that need to be watched.
• Hands-on with Infrastructure-as-Code (Terraform, Pulumi, Ansible) and Kubernetes at production scale.
• Working knowledge of hardware roots of trust: TPM 2.0, Secure Boot, measured boot, attestation.
• Familiarity with open firmware stacks (OpenBMC, coreboot) and the AMD / ROCm ecosystem is a strong plus.
• Proven track record building Zero-Trust architectures and driving SOC2 / ISO 27001 programs toward automation.
• Background in a fast-scaling startup or high-end security consultancy where you built things from scratch and then wrote the code to keep them secure.
• Architect-builder mindset: equally comfortable in a whiteboard session and a pull request review.
• ****What We Offer****
• Stock Options
• 100% paid Medical, Dental, and Vision insurance for Employees

• Company Health Savings Account Contributions

• 100% paid Short Term and Long Term Disability Insurance for Employees
• Life and Voluntary Supplemental Insurance Options
• Other Insurance Options, such as Pet & Legal Insurance
• Various Supplementary Health Benefits, such as discounted Virtual Healthcare Appointments and Serious Illness Support

• Flexible Spending Account

• 401(k)

• Employee Assistance Program

• Flexible PTO
• Paid Holidays
• Parental Leave

Equal Employment Opportunity

Reasonable Accommodations

Employment Eligibility

Background Checks

Data Privacy Notice

• By submitting an application, you acknowledge that TensorWave may collect, use, and retain your personal information for recruiting and employment-related purposes in accordance with applicable data privacy laws.
• ****What You’ll Do****
• Architect and build security across the stack. Partner with Core Architecture and DevOps on threat modeling, design reviews, and the automated guardrails that let engineering move fast without breaking the security promise.
• Harden the fabric, cradle to grave. Own hardware lifecycle security across our AMD Instinct clusters and high-speed fabrics (InfiniBand / RoCE). Build the code behind TPM 2.0 / Secure Boot, cryptographic attestation, and programmable trust.
• Lead our open firmware security commitment. Keep our OpenBMC, coreboot, and ROCm ecosystems continuously secure, auditable, and open. Design and implement the tooling that makes hardware management transparent by default.
• Engineer Zero-Trust IAM. Design and implement least-privilege automation across the management plane, with identity-based micro-segmentation wired into our orchestration engines.
• Make compliance push-button. Act as the CISOs right hand scaling SOC2 and ISO 27001. Replace manual evidence collection with continuous monitoring and "always-on" controls.
• Operate as a purple teamer. Think like an attacker, then ship the telemetry, detections, and hardening to close what you found.
• Evangelize Security-as-Code. Version-controlled policy, shift-left integration, self-healing infrastructure. Manual configuration is a vulnerability we dont accept.
• ****Required Qualifications****
• Deep experience securing High-Performance Computing or large GPU environments, including Linux internals and high-speed fabric isolation (InfiniBand / RoCE).
• Strong coding chops in Go, Python, or Rust you build functions that run themselves rather than dashboards that need to be watched.
• Hands-on with Infrastructure-as-Code (Terraform, Pulumi, Ansible) and Kubernetes at production scale.
• Working knowledge of hardware roots of trust: TPM 2.0, Secure Boot, measured boot, attestation.
• Familiarity with open firmware stacks (OpenBMC, coreboot) and the AMD / ROCm ecosystem is a strong plus.
• Proven track record building Zero-Trust architectures and driving SOC2 / ISO 27001 programs toward automation.
• Background in a fast-scaling startup or high-end security consultancy where you built things from scratch and then wrote the code to keep them secure.
• Architect-builder mindset: equally comfortable in a whiteboard session and a pull request review.
• ****What We Offer****
• Stock Options
• 100% paid Medical, Dental, and Vision insurance for Employees

• Company Health Savings Account Contributions

• 100% paid Short Term and Long Term Disability Insurance for Employees
• Life and Voluntary Supplemental Insurance Options
• Other Insurance Options, such as Pet & Legal Insurance
• Various Supplementary Health Benefits, such as discounted Virtual Healthcare Appointments and Serious Illness Support

• Flexible Spending Account

• 401(k)

• Employee Assistance Program

• Flexible PTO
• Paid Holidays
• Parental Leave

Equal Employment Opportunity

Reasonable Accommodations

Employment Eligibility

Background Checks

Data Privacy Notice

Job Details

About The Company

Report