Security Engineer, Systems Security

About The Position

Requirements

• 6+ years of hands-on experience in product security, systems security engineering, authorization engineering, or a closely related security engineering role for defense or high-assurance platforms
• Strong understanding of DoD cybersecurity authorization processes (RMF, ATO/IATT, CSRMC, continuous ATO) with experience contributing to or driving systems through authorization
• Working knowledge of NIST SP 800-53, NIST SP 800-171, and CMMC 2.0 and their application to weapons systems, autonomous platforms, or similarly complex defense products
• Experience with threat modeling, security architecture, or risk assessment for cyber-physical systems, embedded systems, or operational technology environments
• Strong technical foundation, able to read architecture diagrams, evaluate security controls at a systems level, and hold credible technical conversations with hardware, software, and cloud engineers
• Ability to clearly communicate with both technical and non-technical stakeholders, including production of security documentation and authorization artifacts
• Ownership mindset with the ability to operate in ambiguity, define the path forward, and move work to completion across teams
• Ability to obtain and maintain a security clearance

Nice To Haves

• Experience as a product security lead, systems security engineer, or authorization lead for a defense platform or program of record
• Direct experience engaging with government Authorizing Officials, program offices, or DOT&E as a technical security representative
• Experience in defense technology startups, DARPA programs, or organizations that move at speed within the defense acquisition system
• Familiarity with maritime-specific frameworks including IMO MASS Code, IACS UR E26/E27, IEC 62443, or classification society autonomous vessel rules
• Understanding of autonomous systems security challenges including communications security, electronic warfare hardening, GPS/GNSS resilience, and AI/ML system security
• Experience with ITAR/EAR compliance, supply chain security, or manufacturing security for defense products
• Familiarity with the defense acquisition lifecycle and how authorization milestones integrate into program schedules

Responsibilities

• Own the security posture for one or more vessel programs from architecture through fielding, serving as the responsible security engineer for the product
• Drive threat modeling across vessel subsystems including embedded compute, communications, navigation, propulsion controls, sensor fusion, and C2 interfaces and define security architectures, trust boundaries, and segmentation strategies based on findings
• Identify and mitigate security risks unique to autonomous maritime platforms, including GPS/GNSS spoofing, RF interference, sensor manipulation, supply chain compromise, and physical access threats
• Own the end-to-end authorization lifecycle for vessel programs, from initial security planning through ATO or equivalent customer authorization milestones
• Navigate DoD cybersecurity authorization frameworks including RMF, CSRMC, and service-specific requirements across Navy, Coast Guard, Marine Corps, and joint programs
• Prepare and maintain authorization artifacts, security documentation, and evidence packages that satisfy Authorizing Officials and program offices
• Identify and map applicable compliance frameworks for each vessel and customer segment including NIST SP 800-53, NIST SP 800-171, CMMC 2.0, FedRAMP, IEC 62443, IMO MASS Code, and IACS UR E26/E27 and proactively define Saronic's compliance posture where standards are still emerging
• Engage directly with government program offices, Authorizing Officials, DOT&E evaluators, and classification societies as a credible technical representative of Saronic's security posture
• Support cybersecurity testing and evaluation efforts, including preparation for operational test events, red team assessments, and cooperative vulnerability assessments
• Partner with supply chain and manufacturing teams to address hardware provenance, firmware integrity, and anti-tamper requirements for production vessels
• Work with Legal and Contracts to ensure security and compliance requirements are accurately reflected in customer agreements, proposals, and contract deliverables

Benefits

• Medical Insurance: Comprehensive health insurance plans covering a range of services
• Saronic pays 100% of the premium for employees and 80% for dependents
• Dental and Vision Insurance: Coverage for routine dental check-ups, orthodontics, and vision care
• Saronic pays 100% of the premium under the basic plan for employees and 80% for dependents
• Time Off: Generous PTO and Holidays
• Parental Leave: Paid maternity and paternity leave to support new parents
• Competitive Salary: Industry-standard salaries with opportunities for performance-based bonuses
• Retirement Plan: 401(k) plan with company match
• Stock Options: Equity options to give employees a stake in the company’s success
• Life and Disability Insurance: Basic life insurance and short- and long-term disability coverage
• Pet Insurance: Discounted pet insurance options including 24/7 Telehealth helpline
• Additional Perks: Free lunch benefit and unlimited free drinks and snacks in the office