Infrastructure Security Engineer

Alpen Labs is building the infrastructure layer that expands what Bitcoin can do. We’re building Alpen to become Bitcoin’s financial system, enabling users and institutions to access financial services directly on Bitcoin. Founded by MIT alumni and based in New York, the company focuses on advancing Bitcoin through innovations in zero-knowledge cryptography, scalable Layer 2 systems, and trust-minimized programmable infrastructure.

We believe Bitcoin is entering a new phase where developers, institutions, and financial systems will build directly on top of it. Alpen enables this by adding financial services, privacy, and usability layers to Bitcoin, making it practical to use as money at a global scale.

Our team includes engineers and researchers from organizations such as Blockstream, Palantir, and Nethermind, as well as contributors to major open-source cryptography and blockchain projects.

As a Senior Infrastructure Security Engineer, you will lead the security of Alpen’s cloud infrastructure, production systems, internal platforms, and operational environments. This role is ideal for someone who combines deep technical security expertise with a strong sense of ownership and a pragmatic approach to balancing security, reliability, and developer productivity.

You’ll play a critical role in strengthening Alpen’s security posture as we scale a global, distributed Bitcoin infrastructure platform. Working closely with infrastructure, platform, and engineering teams, you’ll design secure systems, improve detection and response capabilities, and embed security throughout the software and operational lifecycle.

• →

  Design, implement, and maintain security controls across AWS and cloud-native infrastructure

• →

  Lead infrastructure hardening initiatives across servers, containers, Kubernetes clusters, and cloud services

• →

  Drive identity and access management programs, including least-privilege access, RBAC, privileged access management, and secrets management

• →

  Own vulnerability management processes, remediation programs, and infrastructure security reviews

• →

  Build and improve security monitoring, detection engineering, alerting, and incident response capabilities

• →

  Investigate security incidents, conduct root-cause analysis, and lead response and recovery efforts

• →

  Develop and maintain incident response playbooks, operational procedures, and security runbooks

• →

  Partner with engineering teams to secure CI/CD pipelines, deployment workflows, and developer platforms

• →

  Review infrastructure architecture and operational changes to identify and mitigate security risks

• →

  Automate security controls and integrate security tooling into engineering workflows

• →

  Conduct threat modeling and architecture reviews for infrastructure and platform services

• →

  Support endpoint security, device management, vendor security assessments, and internal security initiatives

• →

  Establish security metrics, reporting, and visibility into operational risk across the organization

• →

  Collaborate effectively within a globally distributed team
  

• 7+ years of experience in infrastructure security, security engineering, security operations, or related fields

• Strong experience securing cloud environments, particularly AWS

• Deep understanding of Linux systems administration and security

• Hands-on experience with Kubernetes, containers, and cloud-native infrastructure

• Experience with SIEM, EDR, logging, monitoring, and incident response tooling

• Strong knowledge of networking, VPNs, DNS, firewalls, load balancing, and network security principles

• Experience implementing IAM, RBAC, secrets management, and privileged access controls

• Experience securing CI/CD pipelines and infrastructure-as-code environments

• Strong scripting or programming skills in Python, Go, Bash, Rust, or similar languages

• Experience leading security initiatives in production environments

• Experience supporting blockchain, fintech, or financial infrastructure environments

• Experience securing Bitcoin, Layer 2, or distributed systems infrastructure

• Familiarity with Terraform, Pulumi, Ansible, or similar infrastructure-as-code tooling

• Experience with SOC 2, ISO 27001, or similar security and compliance frameworks

• Knowledge of zero-trust architectures and modern cloud security practices

• Experience with threat hunting, detection engineering, and threat intelligence programs

• Background working in startup or high-growth environments