Senior Cloud Security Engineer
Company: Kodiak
Location: Mountain View
Posted on: April 1, 2026
|
|
|
Job Description:
Kodiak Robotics, Inc. was founded in 2018 and has become a
leader in autonomous ground transportation committed to a safer and
more efficient future for all. The company has developed an
artificial intelligence (AI) powered technology stack purpose-built
for commercial trucking and the public sector. The company delivers
freight daily for its customers across the southern United States
using its autonomous technology. In 2024, Kodiak became the first
known company to publicly announce delivering a driverless
semi-truck to a customer. Kodiak is also leveraging its commercial
self-driving software to develop, test and deploy autonomous
capabilities for the U.S. Department of Defense. We are seeking a
highly skilled and proactive Senior Cloud Security Engineer to join
our growing security team. In this role, you will be the primary
architect and guardian of our central command and control center
application environment, ensuring that our cloud-native
platforms—and the data within them—remain secure against an
evolving threat landscape. The ideal candidate bridges the gap
between traditional security engineering and modern DevOps,
possessing a deep understanding of how to secure multi-tenant cloud
environments without compromising agility. In this role, you will:
Scope, design, and build complex security systems end to end,
maintaining them through production and driving through ambiguous
technical challenges with minimal oversight Identify systematic
risks through threat modeling and risk assessment, then build the
controls and infrastructure that address them Enable other teams to
build their own security solutions by providing design pattern
guidance and expanding security ownership beyond the security team
Developer security and supply chain Build and advance our developer
security program by embedding security practices into the software
development lifecycle and developer workflows Harden CI/CD
pipelines against supply chain attacks through isolated build
environments, signed attestations, dependency verification, and
automated policy enforcement Identity and secrets management
Architect systems that protect sensitive assets including model
weights, customer data, and training datasets Build and operate
credential issuance, rotation, and workload authentication across
our multi-cloud environments Infrastructure security Implement and
maintain cloud security controls including IAM, network
segmentation, VPC architecture, and encryption across our
multi-cloud and on-prem environments Contribute to cluster security
controls including RBAC policies, namespace isolation, workload
identity, and pod security Contribute to continuous cloud security
posture management using infrastructure-as-code scanning,
misconfiguration detection, and automated remediation Secure
frameworks Build critical security foundations including
cryptographic frameworks, mTLS infrastructure, secure
serialization, and authorization systems, designed to prevent
entire classes of vulnerabilities and empower engineering teams to
work securely without becoming security experts themselves Partner
with product, research, infrastructure, and other security teams to
ensure frameworks integrate smoothly with lower-layer security
controls What you'll bring: At least 6 years of software
engineering experience with deep security expertise, including
leading complex security initiatives independently Bachelor's
degree in Computer Science or equivalent industry experience Strong
programming skills in Python or at least one systems language such
as Go, Rust, or C/C++ Deep understanding of identity systems,
cryptographic primitives, and secrets management Working knowledge
of Kubernetes security primitives including RBAC, namespaces,
network policies, and service accounts Experience leading
cross-functional security initiatives and navigating complex
organizational dynamics Outstanding communication skills,
translating technical concepts effectively across all levels of the
organization A track record of bringing clarity and ownership to
ambiguous technical problems and driving them to resolution Low ego
and high empathy, with a history of growing the engineers around
you and supporting diverse, inclusive teams Bonus Points for:
Designed or operated identity and secrets management systems for
large-scale AI or cloud infrastructure Built security frameworks or
libraries adopted across an engineering organization Led a
developer security program including supply chain security, secure
build infrastructure, and SDLC integrations Built or secured CI
infrastructure using Nix, Bazel, or Kubernetes-based deploy
systems, with depth in toolchain issues, CI/CD pipelines, and
developer workflow optimization Implemented machine identity or
workload authentication systems using SPIFFE/SPIRE, mTLS, or
equivalent Understanding of Linux systems internals including
namespaces, cgroups, and seccomp, and how these underpin container
and workload isolation Contributed to the security architecture of
multi-cloud environments including network segmentation, data
protection, and access governance Experience with network security
controls including admission controllers, CNI-level policy, service
mesh security, and east-west traffic enforcement Experience
building runtime security monitoring using eBPF or kernel security
policies What we offer: Competitive compensation package including
equity and annual bonuses Excellent Medical, Dental, and Vision
plans through Kaiser Permanente, Cigna, and MetLife (including a
medical plan with infertility benefits) MetLife Legal Services,
Identity & Fraud Protection, Hospital Indemnity Insurance, Accident
Insurance, & Critical Illness Insurance Flexible PTO, 10 paid
holidays, and generous parental leave policies Our office is
centrally located in Mountain View, CA Office perks: dog-friendly,
free catered lunch, a fully stocked kitchen, and free EV charging
Long Term Disability, Short Term Disability, Life Insurance
Wellbeing Benefits - Headspace through Cigna, Calm through Kaiser,
One Medical, Gympass, Spring Health through Cigna, Rula (mental
health navigation) Fidelity 401(k) Commuter, FSA, Dependent Care
FSA, HSA Various incentive programs (referral bonuses, patent
bonuses, etc.) The pay range listed below reflects the base salary
in our SF/Silicon Valley location, across several internal levels.
Actual starting pay will be based on job-related factors including:
work location, experience, relevant training, education, skill
level and performance during interview. Total compensation at
Kodiak includes base pay, equity, bonus and a competitive benefits
package California Pay Range $190,000 - $250,000 USD At Kodiak, we
strive to build a diverse community working towards our common
company goals in a safe and collaborative environment where
harassment of any kind is strictly prohibited. Kodiak is committed
to equal opportunity employment regardless of race, ethnicity,
religion, gender identity, sexual orientation, age, disability, or
veteran status, or any other basis protected by applicable law. In
alignment with its business operations, Kodiak adheres to all
relevant statutes, regulations, and administrative prerequisites.
Accordingly, roles that carry more sensitive requirements may be
limited to candidates that can satisfy additional scrutiny and
eligibility for such positions may hinge on verification of a
candidate’s residence, U.S. person status, and/or citizenship
status. Should the position require, and Kodiak determines that a
candidate’s residence, U.S. person status, and/or citizenship
status necessitate an export license, bar the candidate from the
position, or otherwise fall under national security-related
restrictions, Kodiak will consider the candidate for alternative
positions unaffected by such restrictions, under terms and
conditions set forth at Kodiak’s sole discretion, or, as an
alternative, opt not to proceed with the candidate’s application.
If applicable, Kodiak may provide visa sponsorship for eligible
candidates. We use a third-party AI tool (Endorsed) to assist in
the initial screening of applications. As part of the evaluation
process, we provide Endorsed with job requirements and
candidate-submitted applications. Final hiring decisions are made
by our human recruitment team, and no automated system makes the
ultimate decision regarding hiring. Certain features of the
platform may qualify it as an Automated Employment Decision Tool
(AEDT) under applicable regulations. We began using Endorsed on
January 1, 2026. You can review the independent bias audit report
covering our use of Endorsed [here](
https://endorsed.com/local-law-144 ). By submitting your
application, you acknowledge that your application may be processed
by AI systems as part of the screening and selection process. If
you have any questions or would like to request a separate review
of your application, please contact careers@kodiak.ai with
"Separate Review Request" in the email subject line.
Keywords: Kodiak, Santa Rosa , Senior Cloud Security Engineer, IT / Software / Systems , Mountain View, California
