About AION

AION is building the next generation of AI cloud platform by transforming the future of high-performance computing (HPC) through its decentralized AI cloud. Purpose-built for bare-metal performance, AION democratizes access to compute power for AI training, fine-tuning, inference, data labeling, and beyond.

By leveraging underutilized resources such as idle GPUs and data centers, AION provides a scalable, cost-effective, and sustainable solution tailored for developers, researchers, and enterprises. The platform's innovative Proof of Compute Contribution (PoCC) protocol rewards contributors based on performance, creating a transparent and efficient ecosystem.

Integrated with Tether (USD₮ & USD₮0) for stability and regulatory clarity, AION eliminates volatility, ensuring predictable costs and seamless transactions. With cutting-edge partnerships and a USD-backed economy, AION is pioneering the commoditization of high-performance compute, empowering global innovation and bridging the AI wealth gap.

Led by high-pedigree founders with previous exits, AION is well-funded by major VCs with strategic global partnerships. Headquartered in the US with global presence, the company is building its initial core team in India.

Who you are

You are a pioneering security architect with expertise in building robust isolation systems for multi-tenant infrastructure environments. You have deep knowledge of hardware, network, and storage isolation principles and can design comprehensive security architectures that maintain strict boundaries between customer workloads in both VM-based and container-based compute environments.

You thrive on solving unprecedented security challenges and are excited to architect security for a fundamentally new type of infrastructure platform from the ground up. You understand the nuances of protecting cloud services at scale while accommodating diverse client security requirements and compliance needs.

You're passionate about unlocking the potential of AI development by creating secure foundations that enable data centers to safely share previously siloed compute resources. You combine technical security expertise with strategic vision, allowing you to build systems that maintain impeccable security while scaling to serve a growing client base with varying security demands.

Technical Skills & Experience

Core Expertise Areas

• 6-10 years of experience in infrastructure security (exceptional candidates with different experience profiles considered)
• Multi-tenant Security Architecture with expertise in:
• Hardware-level isolation techniques (SR-IOV, PCIe passthrough)
• Memory isolation between tenants and protection from side-channel attacks
• Secure resource partitioning to prevent noisy-neighbor issues
• Virtual Machine Security including:
• Hypervisor security configuration and hardening
• Secure VM image management and VM escape prevention
• Live migration security while maintaining isolation guarantees
• Container Security including:
• Container isolation mechanisms (namespaces, cgroups)
• Runtime security monitoring and container escape prevention
• Security profiles (seccomp, AppArmor/SELinux)

Infrastructure Security

• Network Security with zero-trust architecture, physical network isolation, and traffic separation
• Storage Security including data-at-rest encryption and secure volume management
• Identity & Access Management with authentication systems and privilege management
• Cloud Security across multiple providers and Infrastructure as Code security
• Security Operations including monitoring, threat detection, and incident response
• Compliance knowledge of security standards (SOC2, ISO27001, GDPR)

Cloud & Services Security

• Multi-tenant Service Architecture ensuring secure isolation between client environments
• API Security including authentication, authorization, rate limiting, and input validation
• Cloud Resources Isolation strategies across compute, storage, and network services
• Secure Service Endpoints design and implementation for client-facing services
• Secrets Management for secure credential handling in multi-client environments
• Secure CI/CD Pipelines for safe deployment across multiple client environments
• Cloud Security Posture Management for continuous compliance monitoring
• Tenant Configuration Isolation ensuring client settings don't impact other environments
• Service Mesh Security for secure service-to-service communication
• Secure Auto-scaling mechanisms that maintain isolation during resource expansion

Key Responsibilities

Architectural Security

• Design multi-tenant security architecture enabling a single data center to securely host multiple customer workloads
• Create hardware-level isolation guarantees between workloads within shared physical infrastructure
• Develop secure VM provisioning and lifecycle management systems that maintain isolation
• Design secure storage architectures that prevent unauthorized data access between tenants
• Implement network isolation frameworks ensuring complete traffic separation between customers
• Create security verification mechanisms that prove isolation guarantees to customers

Cloud Services Security

• Design scalable security architecture for client-facing cloud services and APIs
• Implement tenant isolation strategies ensuring one client cannot access another's data or services
• Develop secure authentication and authorization frameworks for multi-tenant services
• Create security boundaries between shared service components and client-specific resources
• Design secure auto-scaling mechanisms that maintain isolation during resource expansion
• Establish security monitoring specific to multi-tenant cloud service environments
• Implement automated security scanning and compliance checks for client environments

Operational Security

• Implement comprehensive IP management systems spanning public and private address spaces
• Develop network security controls including firewalls and routing security
• Create storage security frameworks for both block and object storage services
• Build monitoring systems to detect potential security incidents across the platform
• Design incident response procedures appropriate for a distributed platform
• Develop security policies for VM and container image management
• Create secure client onboarding and offboarding processes for cloud services

Security Culture & Compliance

• Define security standards and best practices for the engineering organization
• Create security compliance frameworks meeting requirements for enterprise customers
• Establish security review processes across the development lifecycle
• Manage third-party security assessments and penetration tests
• Develop client-specific security documentation and compliance artifacts
• Create secure default configurations for client environments
• Design scalable security governance models for rapidly growing client base
• Implement automated compliance monitoring and reporting across client environments

Location

Individuals in this role are expected to relocate to Bangalore, though exceptions can be made. We offer a hybrid working setup with 3 days in-office setup. Employees would have flexibility to work from anywhere for a few months during a year.

Why Join Us

• Be part of a mission-driven team at the intersection of web3 and AI, tackling some of the most exciting challenges in the industry.
• Join the ground floor of an AI startup, with the opportunity to make a significant impact on the company and the industry.
• Collaborate with top-tier talent from the tech industry.
• Competitive salary and benefits package.
• Flexible work environment with opportunities for professional growth and development.