Director of Infrastructure

Help define the future of hardware development by building a collaboration platform for circuit designs, enabling the next generation of smart vehicles, IoT devices, rockets, medical devices, robotics, and much more.

At AllSpice, we're building the agile development environment for hardware designers, including a Git-friendly translation layer and automated CI/CD framework for native circuit designs, think GitHub/GitLab + Copilot for electronics.

Read more about our latest Series A announcement here!

As Director of Infrastructure, you will own AllSpice's infrastructure strategy, security posture, and compliance programs while building and leading a small, high-impact team. This is a hands-on leadership role: roughly 60% management and strategic work, 40% individual contribution, reporting to the CTO. With the team at 1–2 people for the next 12 months, you need to be equally comfortable drafting a Terraform module and presenting a security review to an enterprise customer's CISO.

If you are passionate about building secure, scalable infrastructure and want executive-level ownership at a fast-growing startup, this role is for you.

This is a high-impact role that comes with significant autonomy and requires a self-driven, strategic, and collaborative leader. You will own our infrastructure, security, and compliance programs end-to-end.

• Own AllSpice's security posture: policies, incident response, disaster recovery, and ongoing risk assessment

• Maintain SOC 2 compliance, penetration testing, and audit processes; evaluate additional security certifications as needed

• Make architectural decisions on infrastructure direction, including cloud strategy, cost optimization, high availability, and scaling

• Work with legal counsel on security and data-protection matters, including DPAs, breach notification obligations, and regulatory requirements

• Partner with customer success and sales to support enterprise deployments, IT security reviews, and SSO/OIDC integrations

• Serve as the primary technical point of contact for customer InfoSec questionnaires and procurement processes

• Support self-hosted and GovCloud deployments for customers with ITAR, EAR, or CUI requirements

• Hire, mentor, and manage infrastructure engineers as the team grows

• Set team goals, define processes, and establish on-call rotations

• Participate in the on-call rotation and lead incident response when needed

• Create growth paths for ICs and foster a culture of operational excellence

• Architect and maintain production AWS environments using Terraform and infrastructure-as-code

• Automate deployments, backups, and disaster recovery across cloud and self-hosted configurations

• Monitor and improve performance, availability, and cost efficiency of production systems

• Work closely with application developers to deploy infrastructure solutions to product problems

• Scale infrastructure for zero-downtime deployments across multi-region AWS accounts

• Plan and evaluate horizontal scaling strategies for compute runtime to support growing workloads and concurrent users

• Drive SOC 2 Type II renewals and maintain ongoing compliance cadence

• Stress-test backup and disaster recovery procedures and publish runbooks

• Identify opportunities to reduce cloud spend while improving performance

• Coordinate tabletop exercises and incident response drills with the Security Incident Response Team

• Lead an enterprise customer through a self-hosted deployment, including architecture review, SSO integration, and security sign-off

• Terraform & Docker Swarm deployed to AWS for production infrastructure

• Grafana, Loki, and Prometheus for observability

• GitHub Actions for CI/CD

• Playwright for e2e testing

• Gitea application fork

  • Go [server-side]

• PostgreSQL

Our ideal candidate has:

• 8+ years of cloud infrastructure and/or security engineering experience

• 2+ years of people management experience (hiring, mentoring, performance management)

• Deep hands-on expertise with AWS services (IAM, GuardDuty, VPC, Lambda, etc.), Linux administration, and Docker

• Demonstrated ownership of security policy, compliance programs (SOC 2, ISO 27001), and incident response

• Experience coordinating with legal counsel, customer-facing teams, and executive leadership on security and compliance matters

• Strong project management skills with ability to lead cross-functional initiatives from engineers to customers

• Comfort with ambiguity and a high degree of autonomy

• Bachelor's degree or higher in a technology-related field

• Must be a U.S. Citizen or Lawful Permanent Resident (Green Card holder)

• (preference, not required) Availability to work out of our flex offices in San Francisco or Boston 1–2 days per week

You don't need to check every box, but the more of these you bring, the better:

• Terraform and infrastructure-as-code at scale

• AWS services (IAM, GuardDuty, Elasticsearch, ElastiCache, Lambda) and experience with other cloud providers (GCP, Azure)

• Docker and Kubernetes

• Bash and Python scripting

• nginx and reverse-proxy services

• PostgreSQL administration

• SOC 2, ISO 27001, and other security certification frameworks

• ITAR/EAR/CUI compliance and GovCloud deployments

• SSO, OIDC, LDAP, and enterprise authentication

• Vulnerability scanning, penetration testing coordination, and vendor security reviews

• Hiring, mentoring, and building infrastructure teams from the ground up

• Working with legal counsel on data protection, DPAs, and regulatory matters

• Customer-facing technical communication (InfoSec reviews, enterprise onboarding)

• Project management using tools such as Jira, Notion, or similar