Security Engineer, Systems Security

Saronic Technologies is a leader in revolutionizing autonomy at sea, dedicated to developing state-of-the-art solutions that enhance maritime operations through autonomous and intelligent platforms.Security at Saronic is a force multiplier. We're seeking a Security Engineer at the senior-level or above to own the product security and authorization lifecycle for Saronic's autonomous surface vessels. You will serve as the responsible security engineer for one or more vessel programs, owning the security posture from design through production, authorization, and operational deployment. This is a hands-on security engineering role; not a GRC or project management role. No single compliance framework covers autonomous surface vessels today. DoD authorization processes are evolving, commercial maritime regulators are still drafting the MASS Code, and classification societies are issuing their first autonomous vessel certifications. You'll identify the frameworks that apply, architect the vessel's security to satisfy them, and drive authorization to completion. Where standards don't yet exist, you'll define them.Key Responsibilities:Own the security posture for one or more vessel programs from architecture through fielding, serving as the responsible security engineer for the productDrive threat modeling across vessel subsystems including embedded compute, communications, navigation, propulsion controls, sensor fusion, and C2 interfaces and define security architectures, trust boundaries, and segmentation strategies based on findingsIdentify and mitigate security risks unique to autonomous maritime platforms, including GPS/GNSS spoofing, RF interference, sensor manipulation, supply chain compromise, and physical access threatsOwn the end-to-end authorization lifecycle for vessel programs, from initial security planning through ATO or equivalent customer authorization milestonesNavigate DoD cybersecurity authorization frameworks including RMF, CSRMC, and service-specific requirements across Navy, Coast Guard, Marine Corps, and joint programsPrepare and maintain authorization artifacts, security documentation, and evidence packages that satisfy Authorizing Officials and program officesIdentify and map applicable compliance frameworks for each vessel and customer segment including NIST SP 800-53, NIST SP 800-171, CMMC 2.0, FedRAMP, IEC 62443, IMO MASS Code, and IACS UR E26/E27 and proactively define Saronic's compliance posture where standards are still emergingEngage directly with government program offices, Authorizing Officials, DOT&E evaluators, and classification societies as a credible technical representative of Saronic's security postureSupport cybersecurity testing and evaluation efforts, including preparation for operational test events, red team assessments, and cooperative vulnerability assessmentsPartner with supply chain and manufacturing teams to address hardware provenance, firmware integrity, and anti-tamper requirements for production vesselsWork with Legal and Contracts to ensure security and compliance requirements are accurately reflected in customer agreements, proposals, and contract deliverablesRequired Qualifications:6+ years of hands-on experience in product security, systems security engineering, authorization engineering, or a closely related security engineering role for defense or high-assurance platformsStrong understanding of DoD cybersecurity authorization processes (RMF, ATO/IATT, CSRMC, continuous ATO) with experience contributing to or driving systems through authorizationWorking knowledge of NIST SP 800-53, NIST SP 800-171, and CMMC 2.0 and their application to weapons systems, autonomous platforms, or similarly complex defense productsExperience with threat modeling, security architecture, or risk assessment for cyber-physical systems, embedded systems, or operational technology environmentsStrong technical foundation, able to read architecture diagrams, evaluate security controls at a systems level, and hold credible technical conversations with hardware, software, and cloud engineersAbility to clearly communicate with both technical and non-technical stakeholders, including production of security documentation and authorization artifactsOwnership mindset with the ability to operate in ambiguity, define the path forward, and move work to completion across teamsAbility to obtain and maintain a security clearancePreferred Qualifications:Experience as a product security lead, systems security engineer, or authorization lead for a defense platform or program of recordDirect experience engaging with government Authorizing Officials, program offices, or DOT&E as a technical security representativeExperience in defense technology startups, DARPA programs, or organizations that move at speed within the defense acquisition systemFamiliarity with maritime-specific frameworks including IMO MASS Code, IACS UR E26/E27, IEC 62443, or classification society autonomous vessel rulesUnderstanding of autonomous systems security challenges including communications security, electronic warfare hardening, GPS/GNSS resilience, and AI/ML system securityExperience with ITAR/EAR compliance, supply chain security, or manufacturing security for defense productsFamiliarity with the defense acquisition lifecycle and how authorization milestones integrate into program schedulesBenefits:Medical Insurance: Comprehensive health insurance plans covering a range of servicesSaronic pays 100% of the premium for employees and 80% for dependentsDental and Vision Insurance: Coverage for routine dental check-ups, orthodontics, and vision careSaronic pays 100% of the premium under the basic plan for employees and 80% for dependentsTime Off: Generous PTO and HolidaysParental Leave: Paid maternity and paternity leave to support new parentsCompetitive Salary: Industry-standard salaries with opportunities for performance-based bonusesRetirement Plan: 401(k) planStock Options: Equity options to give employees a stake in the company’s successLife and Disability Insurance: Basic life insurance and short- and long-term disability coveragePet Insurance: Discounted pet insurance options including 24/7 Telehealth helplineAdditional Perks: Free lunch benefit and unlimited free drinks and snacks in the office If this role is based in the United States, it requires access to export-controlled information or items that require “U.S. Person” status. As defined by U.S. law, individuals who are any one of the following are considered to be a “U.S. Person”: (1) U.S. citizens, (2) legal permanent residents (a.k.a. green card holders), and (3) certain protected classes of asylees and refugees, as defined in 8 U.S.C. 1324b(a)(3).Saronic does not discriminate on the basis of race, sex, color, religion, age, national origin, marital status, disability, veteran status, genetic information, sexual orientation, gender identity or any other reason prohibited by law in provision of employment opportunities and benefits. We are also committed to providing