The compensation may vary further depending on individualized factors for candidates, such as job-related knowledge, skills, experience, and other objective business considerations.

The Company

Medal

Medal is where millions of gamers capture, share, and relive their best moments. We’re building the next generation of gaming communities — social, monetized, and creator-powered. Our mission is to connect brands and players in authentic, high-impact ways.

General Intuition

General Intuition is an AI research lab focused on spatial-temporal reasoning. It is built on the data strength of Medal to train foundational AI models that understand time and space. The most powerful foundation models are trained on written words. But human intelligence far exceeds language, so truly intelligent machines must move from words to physical worlds, and acquire the capacity to perceive, anticipate, and improvise.

We raised a seed round of $133M from General Catalyst and Khosla to build the leading AI lab for embodied agents.

The Role

General Intuition and Medal operate at the intersection of large-scale gaming data, AI research, and high-velocity product engineering. This role secures the infrastructure that bridges these worlds. You will harden our cloud environments, protect our data pipelines, and ensure our deployment systems are safe from supply-chain attacks and other threats.

You’ll design secure-by-default foundations without slowing down research or product teams, blending off-the-shelf security tooling with custom guardrails where necessary. Your work directly reduces operational risk across both General Intuition and Medal, and ensures we maintain trust as we scale sensitive AI workflows and massive creator-driven platforms.

Key Responsibilities

Infrastructure & Cloud Hardening

• Reduce the attack surface of GCP workloads, Kubernetes clusters, and on-prem systems through hardened defaults, workload isolation, and IAM discipline.

• Build automated security guardrails directly into Terraform, CI/CD, and Kubernetes deployments.

• Maintain comprehensive observability and auditability across all infrastructure components.

Data Pipeline Protection

• Harden ingestion and ETL systems used for video and metadata processing

• Enforce encryption standards, strict IAM scopes, audit logging, and boundary isolation between pipelines and production systems.

• Ensure complete visibility into the transfer and use of AI training data.

Identity, Access, and Secrets Governance

• Build visibility into privileged access and access drift across engineering.

• Automate key rotation, scoped roles, certificate workflows, and least-privilege baselines.

• Maintain a full audit of secrets and enforce secure handling across endpoints, services, and pipelines.

Deployment Pipeline & Supply Chain Security

• Protect build systems against supply-chain attacks.

• Ensure all builds and dependencies are scanned and recorded with a verifiable audit trail.

• Strengthen GitHub Actions runners, workload identities, and artifact provenance.

Operational Security & Compliance

• Develop and run drills, tabletop exercises, and incident-response workflows.

• Coordinate and validate external penetration tests.

• Conduct internal red-team tests and support threat modeling with engineering.

Ensure we meet compliance requirements relevant to both creator data and AI training data.

Qualifications

Core Technical Skills

• Strong experience with cloud infrastructure (especially GCP), Terraform, Kubernetes, containers, and modern CI/CD processes.

• Deep security fundamentals: IAM design, network segmentation, least privilege, secure-by-default patterns, and threat modeling.

• Hands-on experience with GCP/AWS security stacks (IAM, VPC SC, KMS, workload identity, Secrets Manager).

• Familiarity with infrastructure observability and logging systems (Prometheus, Grafana, Cloud Logging, SIEM).

• Strong secrets management and PKI experience (Vault or cloud-native equivalents).

Security Expertise

• Experience implementing or operating red-team / purple-team exercises.

• Understanding of secure coding practices and modern software supply-chain risks.

• Practical experience defending high-velocity environments with complex CI/CD workflows.

Preferred Background

• Security Engineer / DevOps hybrid roles at fast-growing mid-stage startups.

• SREs with a heavy security focus.

• DevOps engineers who became de-facto security leads in high-growth companies.

• Backgrounds from organizations with strong infra or security discipline.

Compensation Range: $150K - $280K