Security Engineer, Cloud Infrastructure

About Mercor

Mercor is defining the future of work. We partner with leading AI labs and enterprises to provide the human intelligence essential to AI development.

Our vast talent network trains frontier AI models in the same way teachers teach students: by sharing knowledge, experience, and context that can't be captured in code alone. Today, more than 30,000 experts in our network collectively earn over $2 million a day.

Mercor is creating a new category of work where expertise powers AI advancement. Achieving this requires an ambitious, fast-paced and deeply committed team. You’ll work alongside researchers, operators, and AI companies at the forefront of shaping the systems that are redefining society.

Mercor is a profitable Series C company valued at $10 billion. We work in-person five days a week in our San Francisco, NYC, or London offices.

You'll own cloud and infrastructure security at a company where tenant isolation is a critical enterprise requirement. Mercor's customers - including frontier AI labs - need hard guarantees that their data stays within strict boundaries. This is not a compliance checkbox role. You'll architect multi-account AWS isolation, harden Kubernetes clusters, deploy cloud security posture management, and build the infrastructure that lets Mercor serve enterprise clients who demand the highest security bar.

We use AI heavily in our own security work. You should be comfortable building alongside AI code-gen tools, using LLMs to accelerate infrastructure review and policy authoring, and automating away the repetitive work that slows infrastructure security down. If you'd rather write a Terraform module than fill out a spreadsheet, you'll fit in here.

We're in-person five days a week at our SF headquarters, with first Fridays remote.

What You'll Build:

• Multi-account AWS tenant isolation architecture - dedicated accounts, SCPs, network boundaries, and data segregation for enterprise clients

• Cloud security posture management using Wiz CSPM - continuous monitoring, misconfiguration detection, and automated remediation

• Kubernetes security hardening - pod security standards, network policies, secrets management, and runtime protection

• Infrastructure-as-code security guardrails - Terraform/CloudFormation policies that prevent insecure deployments before they reach production

• IAM architecture and least-privilege access controls across AWS, Snowflake, and internal services

• Incident response infrastructure - logging pipelines, forensic readiness, and blast radius containment

What We're Looking For

• Deep AWS security expertise - you've architected multi-account strategies, written SCPs, and hardened production environments

• Experience with Kubernetes security in production - not just tutorials, you've secured real clusters running real workloads

• Strong infrastructure-as-code skills - Terraform, CloudFormation, or Pulumi - you think in code, not console clicks

• Experience with CSPM/CNAPP platforms (Wiz, Prisma Cloud, or similar) - deploying, tuning, and driving remediation

• Understanding of network security at the cloud level - VPCs, security groups, transit gateways, PrivateLink

• You've designed tenant isolation for multi-tenant SaaS - data segregation, compute isolation, network boundaries

• 5+ years of professional experience in cloud security, infrastructure security, or platform/SRE engineering with a strong security focus

Bonus Points

• Experience with Snowflake security - schema-level isolation, access controls, data sharing governance

• Familiarity with container runtime security (Falco, SentinelOne Cloud Workload Protection, or similar)

• Offensive cloud security skills - you've exploited misconfigurations and understand the attacker's perspective

• Experience building compliance-ready infrastructure (SOC 2, ISO 27001, FedRAMP)

• You've handled cloud security incidents - forensics, containment, and root cause analysis in AWS

• Contributions to open source infrastructure security tools

Why Mercor

• The deliverable is concrete. Enterprise clients require tenant isolation as a baseline. You'll build infrastructure that directly enables the business.

• AI-native infrastructure security. You'll use frontier AI tools daily - for policy authoring, misconfiguration analysis, and anything that benefits from an AI co-pilot.

• Ownership from day one. You'll own the entire cloud security domain - from AWS architecture to Kubernetes hardening to CSPM operations.

• See the future early. Working alongside AI labs means you'll understand frontier model capabilities months before the market.