Principal Engineer II at Menlosecurity

Menlo Security's [Upgrade to PRO to see link] mission is enabling the world to connect, communicate and collaborate securely without compromise. COVID-19 has made our mission all the more real. We support customers across various enterprises including Fortune 500 companies, 9/10 of the largest global banks and the Department of Defense. The world has fundamentally changed. We are growing from 400 employees into the next phase of our journey, and we need passionate talent filled with empathy and agility. The right candidate for the job is ethical, hyper-organized, fanatical about seeing things through to completion, service-oriented, and humble enough to take feedback and coaching yet confident enough to provide feedback and coaching. Menlo is well-funded for growth and our investors are second to none. They include Vista Equity Partners (“Vista [Upgrade to PRO to see link] General Catalyst, JPMC, American Express, HSBC, and Ericsson Ventures. About the Role Platform Infrastructure Engineering is responsible for building and operating Menlo Security's Infrastructure Platform. Together with the rest of our engineering teams, we enable our customers to connect to the Internet without compromise. Our environment provides services globally. We expect failure, build security in by design, create evolvable systems, and enable multi-tenancy across the infrastructure. Automation and thoughtful usage of Gemini and Claude AI tooling to accelerate our workflows is an absolute for us. We are committed to getting it done properly, the first time. As a Principal II Platform Infrastructure Engineer, you'll join a group of experienced engineers who are part of a globally distributed team responsible for building and managing the company's core infrastructure services and maintaining our constantly growing platform. The team operates a sophisticated cloud-native infrastructure built on Google Kubernetes Engine and VMs spanning multiple environments globally from development to production. Operating at the highest level of individual contribution, you will drive the technical vision for this environment. Crucially, you will draw on your expertise to guide the organization through complex architectural transformations, strategically decoupling legacy monolithic systems into scalable, highly resilient cloud-native microservices. Responsibilities - Architectural Leadership: Define the long-term architectural roadmap and design, deploy, and maintain VM and Kubernetes infrastructure on GCP and AWS across dozens of clusters spanning development, staging, and production environments in multiple regions. - Architectural Transformation: Lead the strategic modernization of our services, acting as the primary architectural guide for development teams navigating the complex transition from monolithic architectures to decoupled microservices. - Strategic Infrastructure as Code (IaC): Build and maintain Infrastructure as Code (IaC) using Terraform modules, managing resources through Spacelift or equivalent Terraform Automation and Collaboration Software (TACOS). Provision cloud infrastructure including networking, compute, storage, and security components primarily on GCP, with secondary AWS support. Implement and manage workflows with sophisticated multi-layer configuration management. - Cross-Functional Leadership: Partner with Engineering, Product, Compliance, and Security teams to design resilient, scalable systems. Consult on capacity planning, disaster recovery, and architectural decisions for cloud-native applications. - Next-Generation Observability: Build and maintain comprehensive observability solutions using Grafana Cloud, Prometheus/Mimir, and OTel collectors. Design Grafana dashboards, configure alerting rules, and ensure visibility across all platform components. - Advanced Networking & Security: Manage certificate lifecycle, DNS automation, ingress controllers, and service mesh networking with Cilium. - Engineering Excellence: Identify and eliminate toil through automation and usage of modern AI tools like Gemini and Claude. Write scripts, develop tools, and build CI/CD pipelines to improve operational efficiency and reduce manual work. - Operational Resilience: Participate in a 24x7 on-call rotation as part of a globally distributed team, responding to incidents and driving post-incident reviews. Requirements - Education & Experience: Bachelor's degree in Computer Science, similar technical field of study, or equivalent practical experience, coupled with 15+ years of progressive infrastructure engineering experience. - Transformation Expertise: Extensive, proven experience successfully guiding engineering organizations through large-scale architectural transformations from legacy monoliths to microservice-based ecosystems. - Technical Mastery: Proficiency in common programming & scripting languages. We use a lot of python, bash and go. - Cloud & Container Ecosystems: Kubernetes expertise including cluster administration, RBAC, networking, workload management, and troubleshooting across production environments. Knowledge of Google Cloud Platform services including GKE, VPC networking, Cloud DNS, Artifact Registry, Secret Manager, IAM, Gemini Code Assist, and Workload Identity. - Infrastructure as Code: Proven experience with Terraform for infrastructure provisioning and management. - Networking Expertise: Understanding of network topologies, communication protocols (ie. TCP/IP, HTTP/S, UDP, TLS) and enterprise grade connectivity solutions. Modern Workflows: Experience with GitOps methodologies and tools. Clear understanding of how to use LLM code assist tools to effectively build software. Our Compensation and Benefits At Menlo Security, Base Salary is one part of our competitive total compensation and benefits package and is determined using a salary range. The base salary range for this role is 158,000 CAD - 263,000 CAD. In accordance with Canadian law, the range provided is Menlo Security’s reasonable estimate of the base compensation for this role. The actual amount may be higher or lower, based on non-discriminatory factors such as experience, knowledge, skills, abilities, and location. All employees may be eligible to become Menlo Security shareholders through eligibility for stock-based compensation grants, which are awarded to employees based on company and individual performance. Menlo Security does not accept unsolicited resumes from search firm recruiters. Fees will not be paid in the event a candidate submitted by a recruiter without an agreement in place is hired; such resumes will be deemed the sole property of Menlo Security. Menlo Security is an equal opportunity employer. All aspects of employment will be based on merit, competence, performance, and business needs. We do not discriminate on the basis of race, color, religion, marital status, age, national origin, ancestry, physical or mental disability, medical condition, pregnancy, genetic information, gender, sexual orientation, gender identity or expression, veteran status, or any other status protected under federal, state, or local law. MSGL-I4 Follow us on LinkedIn [Upgrade to PRO to see link] Why Menlo? Our culture is collaborative, inclusive, and fun! We have five core values: Stay Aligned, Get It Done, Customer Empathy, Think Creatively and Help Each Other Out. We believe in open communication, supporting new ideas, and sharing a mutual mindset of what we’re aiming to achieve together. There are tremendous opportunities to take initiative, implement new ideas, and have a hand in building a legacy. All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability. TO ALL AGENCIES: Please, no phone calls or emails to any employee of Menlo Security outside of the Talent organization. Menlo Security’s policy is to only accept resumes from agencies via Ashby (ATS). Agencies must have a valid services agreement executed and must have been assigned by the Talent team to a specific requisition. Any resume submitted outside of this process will be deemed the sole property of Menlo Security. In the event a candidate submitted outside of this policy is hired, no fee or payment will be paid.