Security Engineer

Job description

Mission

As Security Engineer you will design, integrate, and harden Slingshot’s software and infrastructure in classified government environments. You will deploy secure enclaves, enforce DevSecOps practices, and ensure systems are hardened, resilient, and compliant. This role is mission critical. If systems are not hardened and compliant, the SME cannot secure the ATO and mission progress halts. Success requires a hands on engineer who thrives in complexity, moves fast under pressure, and brings a mission first can do mindset to cleared programs.

What You Will Do

• Engineer hardened Linux based and containerized systems for air gapped and enclave deployments
• Build and maintain secure CI/CD pipelines, enclave build processes, and hardened OS images
• Perform secure code reviews, threat modeling, and integrate AppSec scanning including SAST, DAST, IaC, and SBOM validation
• Deploy hybrid and on prem IAM solutions including RBAC, MFA, PAM, and directory services for classified enclaves
• Apply CIA triad principles to strengthen system security and reliability
• Execute vulnerability management, CVE remediation, and produce Software Assurance Reports
• Draft system architecture and boundary diagrams supporting ATO and audit packages
• Apply DISA STIGs, CIS Benchmarks, and DoD hardening standards to enclave deployments
• Work with primes, subcontractors, and government ISSMs to ensure systems are hardened and auditable
• Automate compliance enforcement to reduce manual overhead in secure builds
• Support incident detection and response in classified environments

Required Qualifications

• Active TS/SCI clearance (polygraph if applicable)
• U.S. Citizenship (no duals)
• 7 plus years in security engineering or systems engineering for cleared government programs
• Direct experience in enclave or air gapped deployments supporting ATO accreditation
• Strong coding and scripting ability including Python, Go, Bash, YAML
• Knowledge of NIST 800 171, CMMC 2.0, DoD RMF, FedRAMP, and CNSSI 1253
• Experience implementing DISA STIGs, CIS Benchmarks, and enclave hardening standards
• Certifications such as CISSP, Security+, and OSCP or equivalent

Preferred Qualifications

• 10 plus years of experience in security engineering or systems engineering supporting cleared DoD or IC programs
• Direct experience implementing and validating DISA STIGs, CIS Benchmarks, and DoD Secure Configuration Guidance in classified environments
• Hands on experience with cross domain solutions and enclave to enclave data flow protections
• Expertise integrating DevSecOps practices in air gapped CI/CD pipelines with automated compliance checks
• Experience deploying and securing AI and ML workloads in classified settings including GPU isolation, model artifact protection, and sensitive data boundary enforcement
• Familiarity with advanced FedRAMP and DoD approved stacks including M365 GCC High, Okta FedRAMP, CrowdStrike GovCloud, and Zscaler for Government
• Deep knowledge of cryptography, PKI, key management, enclave networking, and secure hybrid cloud integration
• Experience drafting technical documentation and presenting to customer design reviews, TRBs, and accreditation boards
• Container and Kubernetes security experience including hardened builds and cluster defense in classified environments
• Infrastructure as Code (IaC) security expertise with Terraform, Ansible, or similar tooling
• Reverse engineering and exploit mitigation skills in enclave settings
• Cross platform expertise across Linux, Windows, and hybrid operating systems in air gapped environments
• Network segmentation and microsegmentation design for high side environments
• Zero Trust architecture implementation in hybrid and enclave deployments
• Red team and penetration testing support to validate enclave hardening
• Experience supporting IT and cyber operations inside SCIFs or other secure facilities
• Advanced certifications strongly preferred including OSCE, CISSP ISSEP, GIAC GSE, or equivalent

Why This Role

This role is hands on and mission critical. If systems are not secured to the highest standards, the SME cannot deliver an ATO and the program will not move forward. You will be the engineer who ensures Slingshot’s technology is trusted and deployable in the most sensitive environments, enabling programs to succeed and missions to be accomplished.

Location: US based Remote with onsite travel to secure customer environments

Clearance Required: Active TS/SCI (polygraph if applicable)

Employment Type: Full Time

Reports To: Senior Director of Information Security and IT

US-based Candidates: we are currently only able to hire residents of the following U.S. states: AZ, CA, CO, DC, FL, GA, HI, IL, IN, KS, MD, MA, MI, MN, MO, MT, NV, NJ, NM, NY, NC, OR, RI, TN, TX, UT, VT, VA, WA, WV, and WI. We are unable to consider candidates residing in other U.S. states at this time.

Internationally-based Candidates: we are currently only able to hire residents of the following locations: United Kingdom. We are unable to consider candidates residing in other countries at this time.

Equity, Diversity & Inclusion are key to our success. We are an Equal Opportunity Employer and our employees are people with different strengths, experiences, and backgrounds, who share a passion for creating a safer, more connected world. Diversity not only includes race and gender identity, but also national origin, citizenship, sex, color, veteran status, disability, genetic information, or any other protected characteristic that is part of one’s identity. All of our employees’ points of view are key to our success, and we embrace individuality.