product-infrastructure-security-engineer

Original：🇺🇸 English

Translated

Guides product infrastructure security—securing the runtime, data plane, and control plane that ships with the product: multi-tenant isolation, service-to-service auth, customer data boundaries, secure defaults in APIs and workers, abuse-resistant rate limits, product-scoped secrets and encryption, and security design reviews for product infra changes. Use when threat-modeling product features, designing tenant isolation, hardening service mesh or internal APIs, reviewing product IaC/modules for data leaks, defining secure baselines for microservices the product team owns, or partnering on incidents affecting customer workloads—not for corporate IdP/SIEM (information-security-engineer), CI pipeline gates only (devsecops), SOC operations (defensive-security-analyst), authorized pentest execution (offensive-security-analyst), general IDP golden paths (platform-engineer), company-wide GRC (cybersecurity), or applied AI solution architecture for LLM features (applied-ai-architect-commercial-enterprise).

2installs

Sourcedaemon-blockint-tech/agentic-enteprises-skill

Added on2026-05-20

NPX Install

npx skill4agent add daemon-blockint-tech/agentic-enteprises-skill product-infrastructure-security-engineer

SKILL.md Content

View Translation Comparison →

Product Infrastructure Security Engineer

When to Use

Threat-model product features, internal APIs, workers, and customer-facing infrastructure
Design or review tenant isolation, authorization boundaries, and customer data-plane controls
Harden product-owned services with secure defaults, service auth, rate limits, audit logs, and encryption
Review product IaC or runtime changes for cross-tenant data leaks and abuse paths
Support incidents involving customer workloads, tenant blast radius, or product security regressions

When NOT to Use

Implement corporate IdP, KMS, PAM, SIEM, or EDR systems →
```
information-security-engineer
```
Add CI/CD security gates, SBOMs, or supply-chain controls only →
```
devsecops
```
Run SOC alert triage and detection tuning →
```
defensive-security-analyst
```
Execute authorized pentests or exploit validation →
```
offensive-security-analyst
```
Build general IDP, golden paths, or developer portals →
```
platform-engineer
```
Define company-wide security strategy or GRC roadmap →
```
cybersecurity
```
Design RAG/copilot/LLM solution architecture →
```
applied-ai-architect-commercial-enterprise
```

Related skills

Need	Skill
Org-wide IAM, KMS ops, SIEM	`information-security-engineer`
Pipeline scans, SBOM, CI OIDC	`devsecops`
Product feature code and APIs	`senior-fullstack-developer`
Core cloud/K8s provisioning	`infrastructure-engineer`
IDP templates and portal	`platform-engineer`
Pentest reproduction	`offensive-security-analyst`
Customer-impacting incident comms	`cybersecurity`
AI copilot/RAG architecture	`applied-ai-architect-commercial-enterprise`
K8s namespace isolation and deploy	`cluster-deployment-engineer`

Core Workflows

1. Product threat modeling

Scope the product boundary (what attackers and tenants can reach):

List actors: customer user, tenant admin, partner integration, internal operator, anonymous
Map assets: customer data, credentials, billing, config, audit logs
Draw data flows across services and stores
Identify trust boundaries (tenant, region, env)
Prioritize threats: cross-tenant access, privilege escalation, data exfil, abuse
Record mitigations and residual risk owners

See
references/product_threat_model.md
for STRIDE-lite worksheet.

2. Multi-tenant isolation

Isolation goals:

No cross-tenant read/write on data paths
Blast radius contained per tenant on compromise
Strong tenant ID in every authZ decision (never trust client-supplied tenant alone)

Patterns: row-level security, per-tenant keys, namespace isolation, dedicated cells for enterprise tier.

See
references/multi_tenant_isolation.md
for patterns and test cases.

3. Service and API security baselines

Every product service should default to:

Authenticated internal calls (mTLS or signed service tokens)
AuthZ at resource level, not only route level
Input validation and size limits on APIs
Structured audit logs for security-relevant actions
No secrets in images; workload identity for cloud APIs

See
references/secure_service_defaults.md
for checklist and anti-patterns.

4. Customer data protection

Control	Product infra angle
Encryption at rest	Per-tenant or per-table keys where required
Encryption in transit	TLS everywhere; no TLS termination that exposes plaintext internally without justification
Retention	Deletion hooks for account closure
Logging	Redact PII in product logs; separate security audit stream

See
references/customer_data_protection.md
for key hierarchy and deletion workflow.

5. Abuse and resilience

Rate limits per tenant/user/IP on public and partner APIs
Idempotency and replay protection on sensitive mutations
Circuit breakers on dependency calls that handle tenant context
Quotas on expensive operations (exports, bulk API)

Align with defensive monitoring for anomaly signals.

6. Security design review (product infra)

Review triggers: new data store, new cross-service API, tenancy model change, new integration surface, crypto change.

Review output:

Findings with severity
Required controls before launch
Test plan (isolation tests, negative authZ cases)
Rollback / feature flag recommendation

See
references/security_design_review.md
for review template.

7. Incident support (product scope)

When customer workloads are affected:

Confirm blast radius (which tenants, regions)
Preserve tenant-scoped logs and configs
Coordinate containment without cross-tenant impact
Post-incident: add regression test and detection

Hand off enterprise IR/comms to

cybersecurity

when required.

When to load references

Threat modeling →
```
references/product_threat_model.md
```
Tenancy →
```
references/multi_tenant_isolation.md
```
Service baselines →
```
references/secure_service_defaults.md
```
Data and crypto →
```
references/customer_data_protection.md
```
Design reviews →
```
references/security_design_review.md
```