DDN
1001 - 5000 employees
Founded 1998
🤖 Artificial Intelligence
💰 $10M Funding Round on 2011-06
Artificial Intelligence • Data Center and Cloud Computing • High Performance Computing
DDN is a global leader in AI data intelligence solutions, providing high-performance computing and sophisticated data management technologies. With a focus on accelerating AI deployments and advanced data analytics, DDN's products, including the Data Intelligence Platform and advanced storage systems, serve diverse sectors such as healthcare, financial services, and government. DDN is committed to transforming enterprise data infrastructure to leverage the full potential of AI and drive operational efficiency.
Staff Security Engineer
Job not on LinkedIn
🕒 April 20
📊 Check your resume score for this job
Improve your chances of getting an interview by checking your resume score before you apply.
DDN
1001 - 5000 employees
Founded 1998
🤖 Artificial Intelligence
💰 $10M Funding Round on 2011-06
Artificial Intelligence • Data Center and Cloud Computing • High Performance Computing
DDN is a global leader in AI data intelligence solutions, providing high-performance computing and sophisticated data management technologies. With a focus on accelerating AI deployments and advanced data analytics, DDN's products, including the Data Intelligence Platform and advanced storage systems, serve diverse sectors such as healthcare, financial services, and government. DDN is committed to transforming enterprise data infrastructure to leverage the full potential of AI and drive operational efficiency.
📋 Description
• Lead the design and implementation of end-to-end security architecture for distributed storage platforms, including S3-compatible systems, POSIX-compliant file systems, and KV cache–based data services • Partner closely with Data Path engineering teams to ensure secure, high-performance data movement across storage tiers, including encryption, integrity validation, and secure I/O handling • Lead threat modeling, security reviews, and Secure Software Development Lifecycle (SSDLC) practices across the platform • Define identity and access management (IAM) integrating enterprise identity providers such as LDAP, Active Directory, OIDC, and Keycloak, supporting SSO, MFA, and federation • Architect fine-grained authorization models using RBAC and ABAC across tenants, datasets, and resources • Design multi-tenant isolation mechanisms across namespaces, policies, encryption boundaries, and resource quotas, enforcing least privilege and segregation of duties • Collaborate with Control Plane teams to define secure APIs, authentication and authorization workflows, policy enforcement, and tenant lifecycle management • Work with Protocol and Ecosystem teams to secure S3 and POSIX/NFS interfaces, including request signing, session management, and endpoint security • Define and enforce encryption strategies for data at rest and in transit, including tenant-specific keys and dataset-level encryption policies • Drive observability and monitoring strategies to detect anomalous behavior, abnormal access patterns, and potential data exfiltration across the platform • Provide technical leadership and mentorship across cross-functional engineering teams, guiding secure design and implementation practices.
🎯 Requirements
• Bachelor’s or Master’s degree in Computer Science, Engineering, or a related field • 12+ years of experience in security architecture, infrastructure security, or distributed systems • Proven experience designing security for large-scale distributed systems or storage platforms • Strong understanding of data path vs. control plane architectures and their security implications • Deep expertise in encryption technologies, key management systems, and cryptographic frameworks • Experience integrating with external KMS solutions using KMIP or similar protocols • Strong knowledge of identity and access management (IAM), including RBAC, ABAC, SSO, MFA, and federation • Experience working with enterprise identity providers such as LDAP, Active Directory, and OIDC • Familiarity with secure API design, TLS 1.3, mutual TLS, and request signing mechanisms (e.g., SigV4) • Experience designing multi-tenant systems with strong isolation and policy enforcement • Knowledge of logging, auditing, and SIEM integration for security monitoring and compliance • Ability to collaborate effectively with protocol, storage, and platform engineering teams.
🏖️ Benefits
• Competitive salary • Flexible working hours • Professional development budget • Home office setup allowance • Global team events
Apply NowSimilar Jobs
🕒 April 16
Staff Cyber Security Engineer focusing on AI technologies and security alignment at NBCUniversal. Partnering with engineering teams and business stakeholders to ensure secure technology deployment.
🇺🇸 United States – Remote
💵 $125k - $155k / year
⏰ Full Time
🔴 Lead
👮♂️ Cybersecurity / Security Engineer
🦅 H1B Visa Sponsor
🕒 April 14
Director of IT & Security at Octave architecting technological resilience and security for rapid business growth. Leading a high-performing team while ensuring regulatory compliance.
🇺🇸 United States – Remote
💵 $190.2k - $220k / year
💰 $20M Series B on 2021-05
⏰ Full Time
🔴 Lead
👮♂️ Cybersecurity / Security Engineer
🦅 H1B Visa Sponsor
Cloud
Jamf
🕒 April 14
First dedicated security hire responsible for building security practices at AI infrastructure company. Defining company-wide security strategy and collaborating with engineering and research teams.
🇺🇸 United States – Remote
💵 $180k - $350k / year
⏰ Full Time
🔴 Lead
👮♂️ Cybersecurity / Security Engineer
🕒 April 13
Senior Product Marketing Manager at CrowdStrike driving go-to-market strategy for browser security. Overseeing messaging, product launches, and cross-functional collaboration.
🇺🇸 United States – Remote
💵 $145k - $220k / year
⏰ Full Time
🔴 Lead
👮♂️ Cybersecurity / Security Engineer
🦅 H1B Visa Sponsor
🕒 April 11
Information Security Architect focusing on secure AI architecture for Microsoft 365 Copilot and LLMs. Leading secure enterprise adoption while ensuring compliance in sensitive data handling.
