Overview

About Periodic Labs

Periodic Labs is an AI + physical sciences lab focused on building state-of-the-art models to enable novel scientific discoveries. The company is well funded and growing rapidly. Team members act as owners who identify and solve problems without boundaries or bureaucracy, eagerly learning new tools and science to advance the mission.

About the Role (Lead Security Engineer)

The Lead Security Engineer will lead, design, build, and operate security engineering at Periodic Labs. Responsibilities include securing systems that support research and operations such as cloud environments, clusters, internal developer platforms, identity systems, secrets management, SaaS access patterns, and lab-adjacent infrastructure. The role involves close collaboration with research, infrastructure, lab, and operations teams to reduce risk while maintaining experimental velocity. This is a hands-on engineering role involving automation development, control deployment, incident response leadership, and raising security standards. The engineer will set pragmatic standards and build tools that make secure practices easy for the company.

Key Responsibilities

• Own security architecture across cloud platforms (AWS, GCP, Azure), Kubernetes, internal services, and research infrastructure.
• Design and operate identity/access systems including SSO, MFA, RBAC, SCIM lifecycle automation, workload identity, and least-privilege access.
• Build/improve secrets management (KMS, GitHub/CI credentials, 1Password or equivalents).
• Harden software delivery/developer workflows (CI/CD security,...

What You'll Do

• Own security architecture across cloud environments including AWS/GCP/Azure.
• Design identity/access systems: SSO/MFA/RBAC/SCIM/workload identity.
• Build/improve secrets management: KMS/GitHub/CI credentials/1Password.
• Harden CI/CD workflows: dependency security/build provenance/artifact integrity.
• Lead threat modeling/secure design reviews/risk assessments.
• Build detection/response capabilities across cloud/network/endpoint telemetry.
• Own vulnerability management/remediation automation.
• Partner on segmentation/firewall policy/certificates/DNS/device-to-cloud patterns.
• Set pragmatic security standards/run tabletop exercises/help company make sound decisions without unnecessary process.

You Might Thrive in This Role If You Have Experience With

• Building/operating security controls in AWS/GCP/Azure/Kubernetes environments.
• Hands-on engineering with Python/Bash scripting/Terraform.
• Identity systems: Okta/Entra/SAML/OIDC/SCIM/IAM/workload identity/least privilege design.
• Secrets management & secure credential flows: KMS/CI/CD secrets/GitHub OIDC/service-to-service authentication.
• Secure SDLC & supply chain controls: code review/threat modeling/dependency management/signed builds/CI hardening.
• Detection & response/vulnerability management/incident handling in fast-moving environments.
• Linux/network security fundamentals: segmentation/certificates/DNS/firewalls/VPNs/Tailscale/service-to-service auth.
• Working with researchers/platform teams balancing security & velocity tradeoff.

Skills Extracted

["AWS", "GCP", "Azure", "Kubernetes", "Python", "Bash", "Terraform", "Okta", "Entra", "SAML", "OIDC", "SCIM", "IAM", "Secrets Management", "KMS", "GitHub OIDC", "CI/CD Security", "Dependency Management", "Threat Modeling", "Secure SDLC", "Supply Chain Controls", "Code Review", "Signed Builds", "Detection & Response", "Vulnerability Management", "Incident Handling", "Linux Security Fundamentals", "Network Security Fundamentals", "Segmentation", "Certificates", "DNS", "Firewalls", "VPNs", "Tailscale"]