About this role
Help define the future of hardware development by building a collaboration platform for circuit designs, enabling the next generation of smart vehicles, IoT devices, rockets, medical devices, robotics, and much more.
At AllSpice, we're building the agile development environment for hardware designers, including a Git-friendly translation layer and automated CI/CD framework for native circuit designs, think GitHub/GitLab + Copilot for electronics.
Read more about our latest Series A announcement here!
As Director of Infrastructure, you will own AllSpice's infrastructure strategy, security posture, and compliance programs while building and leading a small, high-impact team. This is a hands-on leadership role: roughly 60% management and strategic work, 40% individual contribution, reporting to the CTO. With the team at 1–2 people for the next 12 months, you need to be equally comfortable drafting a Terraform module and presenting a security review to an enterprise customer's CISO.
If you are passionate about building secure, scalable infrastructure and want executive-level ownership at a fast-growing startup, this role is for you.
What you'll doThis is a high-impact role that comes with significant autonomy and requires a self-driven, strategic, and collaborative leader. You will own our infrastructure, security, and compliance programs end-to-end.
Strategic leadership and security ownershipOwn AllSpice's security posture: policies, incident response, disaster recovery, and ongoing risk assessment
Maintain SOC 2 compliance, penetration testing, and audit processes; evaluate additional security certifications as needed
Make architectural decisions on infrastructure direction, including cloud strategy, cost optimization, high availability, and scaling
Work with legal counsel on security and data-protection matters, including DPAs, breach notification obligations, and regulatory requirements
Customer and go-to-market coordinationPartner with customer success and sales to support enterprise deployments, IT security reviews, and SSO/OIDC integrations
Serve as the primary technical point of contact for customer InfoSec questionnaires and procurement processes
Support self-hosted and GovCloud deployments for customers with ITAR, EAR, or CUI requirements
People management and team buildingHire, mentor, and manage infrastructure engineers as the team grows
Set team goals, define processes, and establish on-call rotations
Participate in the on-call rotation and lead incident response when needed
Create growth paths for ICs and foster a culture of operational excellence
Hands-on infrastructureArchitect and maintain production AWS environments using Terraform and infrastructure-as-code
Automate deployments, backups, and disaster recovery across cloud and self-hosted configurations
Monitor and improve performance, availability, and cost efficiency of production systems
Work closely with application developers to deploy infrastructure solutions to product problems
Example projectsScale infrastructure for zero-downtime deployments across multi-region AWS accounts
Plan and evaluate horizontal scaling strategies for compute runtime to support growing workloads and concurrent users
Drive SOC 2 Type II renewals and maintain ongoing compliance cadence
Stress-test backup and disaster recovery procedures and publish runbooks
Identify opportunities to reduce cloud spend while improving performance
Coordinate tabletop exercises and incident response drills with the Security Incident Response Team
Lead an enterprise customer through a self-hosted deployment, including architecture review, SSO integration, and security sign-off
Our stackTerraform & Docker Swarm deployed to AWS for production infrastructure
Grafana, Loki, and Prometheus for observability
GitHub Actions for CI/CD
Playwright for e2e testing
Gitea application fork
Go [server-side]
PostgreSQL
ExpectationsOur ideal candidate has:
8+ years of cloud infrastructure and/or security engineering experience
2+ years of people management experience (hiring, mentoring, performance management)
Deep hands-on expertise with AWS services (IAM, GuardDuty, VPC, Lambda, etc.), Linux administration, and Docker
Demonstrated ownership of security policy, compliance programs (SOC 2, ISO 27001), and incident response
Experience coordinating with legal counsel, customer-facing teams, and executive leadership on security and compliance matters
Strong project management skills with ability to lead cross-functional initiatives from engineers to customers
Comfort with ambiguity and a high degree of autonomy
Bachelor's degree or higher in a technology-related field
Must be a U.S. Citizen or Lawful Permanent Resident (Green Card holder)
(preference, not required) Availability to work out of our flex offices in San Francisco or Boston 1–2 days per week
Relevant skillsYou don't need to check every box, but the more of these you bring, the better:
Infrastructure and operations
Terraform and infrastructure-as-code at scale
AWS services (IAM, GuardDuty, Elasticsearch, ElastiCache, Lambda) and experience with other cloud providers (GCP, Azure)
Docker and Kubernetes
Bash and Python scripting
nginx and reverse-proxy services
PostgreSQL administration
Security and compliance
SOC 2, ISO 27001, and other security certification frameworks
ITAR/EAR/CUI compliance and GovCloud deployments
SSO, OIDC, LDAP, and enterprise authentication
Vulnerability scanning, penetration testing coordination, and vendor security reviews
Leadership
Hiring, mentoring, and building infrastructure teams from the ground up
Working with legal counsel on data protection, DPAs, and regulatory matters
Customer-facing technical communication (InfoSec reviews, enterprise onboarding)
Project management using tools such as Jira, Notion, or similar
BenefitsOpportunity to make a large impact at an executive level
Supportive and smart colleagues
Flexible work
Competitive salary and equity
Health, dental, and vision benefits
Generous PTO
Home office stipend
Relocation package