Senior Platform Infrastructure Engineer (SRE Enablement) at Menlosecurity

Menlo Security's [Upgrade to PRO to see link] mission is enabling the world to connect, communicate and collaborate securely without compromise. COVID-19 has made our mission all the more real. We support customers across various enterprises including Fortune 500 companies, 9/10 of the largest global banks and the Department of Defense. The world has fundamentally changed. We are growing from 400 employees into the next phase of our journey, and we need passionate talent filled with empathy and agility. The right candidate for the job is ethical, hyper-organized, fanatical about seeing things through to completion, service-oriented, and humble enough to take feedback and coaching yet confident enough to provide feedback and coaching. Menlo is well-funded for growth and our investors are second to none. They include Vista Equity Partners (“Vista [Upgrade to PRO to see link] General Catalyst, JPMC, American Express, HSBC, and Ericsson Ventures. ABOUT THE ROLE Platform Infrastructure Engineering is responsible for building and operating Menlo Security's Infrastructure Platform. Together with the rest of our engineering teams, we enable our customers to connect to the Internet without compromise. Our environment provides services globally. We expect failure, build security in by design, create evolvable systems, and enable multi-tenancy across the infrastructure. Automation is an absolute for us. We are committed to getting it done properly, the first time. As a Platform Infrastructure Engineer, you'll join a group of experienced engineers who are part of a globally distributed team responsible for building and managing the company's core infrastructure services and maintaining our constantly growing platform. The team operates a sophisticated cloud-native infrastructure built on Google Kubernetes Engine and VMs spanning multiple environments globally from development to production. We manage infrastructure as code with Terraform and Spacelift orchestration, and deploy services using Helm charts. Our platform emphasizes security-first design, comprehensive observability, and multi-region resilience. Success in this role requires working with a vast VM fleet in AWS and GCP as well as Kubernetes, writing Infrastructure as Code, and a passion for automation and reliability engineering. RESPONSIBILITIES - Architect and govern the design, deployment, and operation of high-scale, multi-region VM and Kubernetes infrastructure on GCP and AWS, ensuring maximum resilience and performance across all environments. - Drive cross-functional technical alignment with Engineering, Product, Compliance, and Security teams, serving as the architectural consultant and leader for major initiatives involving capacity planning, disaster recovery, and cloud-native application design. - Define and enforce organizational best practices and standards for Infrastructure as Code (IaC) using Terraform and Spacelift, ensuring consistency and security across all provisioned cloud resources (GCP/AWS). - Design and manage complex, multi-layer configuration management and deployment workflows that optimize reliability and operational efficiency across the entire platform. - Set the technical direction and implement comprehensive observability solutions (Grafana Cloud, Prometheus/Mimir, OTel collectors), establishing organization-wide standards for system visibility, metrics, and alerting. - Define the strategic architecture and lifecycle management of core platform services, including certificate management, DNS automation, ingress controllers, and service mesh networking (Cilium). - Proactively identify and lead large-scale strategic efforts to eliminate technical toil and improve operational efficiency through the development of tools, strategic automation, and building advanced CI/CD pipelines. - Mentor and provide deep technical guidance to both junior and senior engineers within Platform Infrastructure Engineering. - Participate in a 24x7 on-call rotation as part of a globally distributed team, responding to incidents and driving post-incident reviews to ensure long-term solutions and process i REQUIREMENTS - Bachelor's degree in Computer Science, similar technical field of study, or equivalent practical experience. - Proficiency in common programming & scripting languages. We use a lot of python, bash and go. - Understanding of network topologies, communication protocols (ie. TCP/IP, HTTP/S, UDP, TLS) and enterprise grade connectivity solutions. - Kubernetes expertise including cluster administration, RBAC, networking, workload management, and troubleshooting across production environments. - Proven experience with Terraform for infrastructure provisioning and management. - Knowledge of Google Cloud Platform services including GKE, VPC networking, Cloud DNS, Artifact Registry, Secret Manager, IAM, Gemini Code Assist, and Workload Identity. - Prior experience and success mentoring other junior and senior engineers - Experience with GitOps methodologies and tools. - Clear understanding of how to use LLM code assist tools to effectively build software. Follow us on LinkedIn [Upgrade to PRO to see link] Why Menlo? Our culture is collaborative, inclusive, and fun! We have five core values: Stay Aligned, Get It Done, Customer Empathy, Think Creatively and Help Each Other Out. We believe in open communication, supporting new ideas, and sharing a mutual mindset of what we’re aiming to achieve together. There are tremendous opportunities to take initiative, implement new ideas, and have a hand in building a legacy. All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability. TO ALL AGENCIES: Please, no phone calls or emails to any employee of Menlo Security outside of the Talent organization. Menlo Security’s policy is to only accept resumes from agencies via Ashby (ATS). Agencies must have a valid services agreement executed and must have been assigned by the Talent team to a specific requisition. Any resume submitted outside of this process will be deemed the sole property of Menlo Security. In the event a candidate submitted outside of this policy is hired, no fee or payment will be paid.