Sr. Infrastructure & Security Engineer

About Hercules Hercules helps finance and operations leaders solve problems that are too complex, large-scale, or time-consuming for human teams to manage alone. Its platform automates the validation and verification of data across millions of high-volume, rules-based transactions, improving billing accuracy, reducing costs, and accelerating cash flow. Built on a modular, multi-AI agent architecture, Hercules delivers industry-specific solutions for staffing, insurance, government, and financial services. Its accuracy and consistency enable enterprises to achieve levels of precision and speed that were previously out of reach.  Headquartered in the United States, Hercules also has offices in the United Kingdom, Armenia, Canada, and Portugal. What you'll do Provision and optimize GPU compute across AWS, Azure, GCP, and specialized providers (CoreWeave, Lambda Labs), including Kubernetes GPU orchestration and hardware evaluation (NVIDIA H100/B200, AMD MI300X, Intel Gaudi)Design and maintain IaC foundations (Terraform, Pulumi, Helm) for agentic AI systems, including agent orchestration platforms, RAG stacks, vector databases, and model serving endpointsImplement policy-as-code guardrails (OPA, Sentinel, Kyverno) for autonomous agent workloadsDesign and enforce zero-trust architectures with network segmentation, IAM/RBAC least-privilege, and secrets management (Vault, AWS Secrets Manager)Configure and manage Cloudflare (or equivalent) for DDoS protection, WAF, bot management, SSL/TLS termination, and Zero Trust accessManage DNS security (DNSSEC, DMARC, SPF, DKIM), certificate lifecycle, and API security controls (mTLS, token management)Lead vulnerability management, penetration testing coordination, and CIS benchmarkingPartner with customer success teams to assess, secure, and threat-model customer deployment environmentsBuild and maintain CI/CD pipelines (GitHub Actions, GitLab CI) with integrated security scanning (SAST, DAST, SCA, container scanning)Deploy and manage Kubernetes clusters across cloud and on-prem with security-hardened, GPU-enabled configurationsImplement observability (Prometheus, Grafana, Splunk, Datadog) and SIEM integrationsLead incident response and drive compliance (SOC 2, ISO 27001, HIPAA, FedRAMP) through audit automation Qualifications Proven expertise with Terraform/Pulumi, IaC, policy-as-code, and scripting (Python, Bash, PowerShell)Hands-on GPU compute provisioning across major cloud and specialized providersExperience with Cloudflare or equivalent CDN/WAF/DDoS platforms for perimeter security and Zero TrustStrong background in AWS, Azure, GCP, and on-prem infrastructure with secure architecture focusProficiency in Kubernetes and Docker, including container security, GPU scheduling, and runtime protectionDeep understanding of network security, zero-trust principles, IAM/RBAC, and secrets managementCI/CD experience with integrated security scanningAbility to conduct security assessments, threat modeling, and work directly with customers Pay Range $175,000 - $230,000 Locations: Campbell, CA