Cybersecurity Engineer (Product Security)

TL;DR

Cybersecurity Engineer (Product Security): Designing and securing mission-critical sensor platforms and software ecosystems with an accent on threat modeling, risk assessment, and compliance within highly regulated defense environments. Focus on integrating security into the full product lifecycle, from architecture and development to deployment and operational support.

Location: Must be a U.S. Citizen; role is based in Washington, D.C. (Onsite).

Salary: $110,000–$190,000

Company

A defense technology startup building multi-product platforms powered by Coherent Distributed Networks to provide domain dominance for warfighters and commercial operators.

What you will do

• Design and implement secure software and hardware system architectures for mission-critical platforms.
• Lead threat modeling exercises and conduct cybersecurity risk assessments across software, embedded, and cloud systems.
• Partner with engineering teams to integrate security requirements throughout the software development lifecycle.
• Support compliance initiatives including RMF, ATO, and export control requirements.
• Assist with security testing, vulnerability assessments, and penetration testing coordination.
• Collaborate with cross-functional teams to balance security, performance, and operational requirements.

Requirements

• 5+ years of experience in cybersecurity engineering, product security, or application security.
• Must be a U.S. Citizen eligible for government facilities and sensitive information.
• Hands-on experience with threat modeling, risk assessments, and secure system architecture.
• Familiarity with cybersecurity frameworks including RMF, NIST 800-53, NIST 800-171, CMMC, and DFARS.
• Experience supporting security authorization activities such as ATO processes and eMASS.
• Strong analytical and technical communication skills with the ability to operate in a fast-paced startup environment.

Nice to have

• Active security clearance.
• Experience securing embedded systems, sensor platforms, or edge computing technologies.
• Knowledge of export control requirements (ITAR/EAR) and secure DevSecOps pipelines.
• Experience with Microsoft GCC High environments and hardware security design.
• Relevant certifications such as CISSP, CSSLP, GSEC, or Security+.

Culture & Benefits

• Comprehensive health benefits (medical, dental, vision) 100% paid by the company.
• Financial perks including 401k with 50% company match, FSA, and HSA.
• Unlimited PTO and 'No meeting Fridays'.
• Relocation assistance provided.
• Free daily lunch and casual dress code.