Senior Infrastructure Security Engineer

Matter Labs AG

Job Overview

Location

United States

Job Type

Full-time

Full Job Description

📋 Description

• Own and harden the corporate and production infrastructure security posture for Matter Labs, focusing on identity, endpoint, detection-and-response, cloud, and CI/CD security.
• Design and enforce least-privilege access policies and phishing-resistant MFA across the entire organization, ensuring secure configuration of identity and collaboration platforms.
• Build, tune, and maintain security detections using a modern SIEM and SOAR platform; onboard new log sources and automate response playbooks to reduce mean-time-to-detect and mean-time-to-respond.
• Secure the cloud infrastructure including IAM, network controls, workload identity, and organization-level guardrails across multi-cloud environments.
• Manage endpoint security for a macOS-dominant fleet: configure MDM, enforce baseline hardening standards, tune EDR, and ensure telemetry is effective without degrading engineer productivity.
• Lead end-to-end security incident investigations including containment, forensic analysis, root cause determination, remediation, and post-mortem documentation to improve future defenses.
• Conduct threat modeling and architecture reviews for new internal systems and infrastructure changes, translating findings into prioritized, actionable engineering work.
• Partner with DevOps, IT Ops, Protocol Security, and Product Engineering to embed security as a default property of operations, not a checkpoint.
• Review Infrastructure as Code for security regressions, implement guardrails, and collaborate on secrets management and supply-chain controls.
• Maintain and improve detection-as-code pipelines using Git-based rule management, CI validation, and purple-team testing to ensure detection reliability and scalability.
• Drive secure configuration of third-party applications, implement data loss prevention (DLP), and enforce context-aware access controls across the organization.
• Participate in on-call rotations for security incidents and ensure runbooks are continuously updated based on real-world events and lessons learned.
• Communicate security risks clearly and constructively to both engineering and non-engineering stakeholders, influencing outcomes without direct authority over all systems.
• Maintain alignment with compliance frameworks such as SOC 2 and ISO 27001 by translating control requirements into practical engineering implementations and supporting audit readiness.

🎯 Requirements

• 5+ years of hands-on infrastructure or detection-and-response security experience.
• Production experience securing a cloud-based identity and collaboration platform at scale, including specific implementation of access policies, third-party app governance, and incident response.
• Hands-on experience with a modern SIEM and SOAR platform for writing detections, onboarding logs, building playbooks, and reducing false positives.
• Strong cloud security background including IAM, network controls, workload identity, and organization-level guardrails.
• Practical experience securing a macOS-dominant endpoint fleet with MDM, endpoint hardening, and EDR tuning.
• Real incident response experience, including leading investigations to conclusion and being on-call for security incidents.

🏖️ Benefits

• Remote-first work model with flexibility to work wherever most effective; optional travel to team or industry events.
• Freedom & ownership culture with no time tracking or bureaucracy — only results matter.
• Opportunity to secure open-source, decentralized infrastructure powering ZKsync and a meaningful chunk of value on Ethereum L2.
• Work within a lean, high-leverage security team where you own domains end-to-end rather than narrow slices.
• Exposure to cutting-edge zero-knowledge cryptography and blockchain infrastructure.
• Access to the company’s Team Handbook for insight into culture and operational philosophy.

Skills & Technologies

Kubernetes

Git

DevOps

Senior

Remote

Ready to Apply?

Apply Externally

You will be redirected to an external site to apply.

Matter Labs AG

Visit Website

About Matter Labs AG

Matter Labs AG is a Swiss-incorporated technology company that develops and maintains zkSync, a layer-2 scaling protocol for Ethereum. The firm focuses on zero-knowledge cryptography to increase transaction throughput and reduce costs while preserving security, decentralization, and user self-custody. Founded in 2018 by Alex Gluchowski, the company provides open-source tools and infrastructure for developers and enterprises to integrate scalable blockchain applications.

View Company Profile

Get more remote jobs like this

Subscribe to the weekly newsletter for similar remote roles and curated hiring updates.

Weekly remote jobs and featured talent.

No spam. Only curated remote roles and product updates. You can unsubscribe anytime.