Jobs · Information Technology · California

Cybersecurity Engineer, Product Security

CHAOS Industries · El Segundo, CA · 3 wk ago
On-siteInformation Technology$110k–$190k/yrFull-time

Role Overview

We are seeking a Cybersecurity Engineer focused on Product Security to help design, assess, and secure our next-generation sensor platforms and supporting software ecosystems. This role will work closely with Software Engineering, Embedded Systems, Hardware Engineering, Infrastructure, and Program teams to ensure security is integrated throughout the product lifecycle — from architecture and development through deployment and operational support.

Responsibilities

  • Design and implement secure software and hardware system architectures for mission-critical platforms and supporting infrastructure

  • Partner with engineering teams to integrate security requirements throughout the software development lifecycle (SDLC)

  • Conduct architecture reviews and identify security risks across software, embedded, cloud, and hardware systems

  • Develop secure design standards, engineering guidance, and product security best practices

  • Support secure development initiatives including code review, dependency management, secrets management, and vulnerability remediation

  • Lead threat modeling exercises for software, embedded systems, hardware platforms, and supporting infrastructure

  • Conduct cybersecurity risk assessments for products, systems, and operational environments

  • Identify attack surfaces, trust boundaries, and potential exploitation paths

  • Work with engineering teams to prioritize and remediate identified security risks

  • Develop mitigation strategies for cybersecurity threats impacting deployed systems and sensitive technologies

  • Support cybersecurity compliance initiatives and product authorization efforts including: RMF (Risk Management Framework), ATO (Authority to Operate), export control and regulated data handling requirements

  • Aid in the development of system security documentation, security controls, SSPs, and assessment artifacts

  • Support internal and external security audits, assessments, and accreditation activities

  • Collaborate with government, customer, and program stakeholders on security requirements and authorization activities

  • Assist with security testing activities including vulnerability assessments, penetration testing coordination, and validation of remediation efforts

  • Support secure configuration and hardening efforts across software, operating systems, and embedded environments

  • Review software and system telemetry to identify potential security weaknesses or anomalous behavior

  • Collaborate with Security Operations and Infrastructure teams to improve enterprise and product security visibility

  • Work closely with Software, Embedded, Hardware, DevOps, and Infrastructure teams to balance security, performance, and operational requirements

  • Contribute to the development of scalable product security processes and governance

  • Support customer and internal security reviews related to deployed technologies and operational environments

  • Mentor engineering teams on secure development and security-by-design principles

Requirements

  • 5+ years of experience in cybersecurity engineering, product security, application security, or related engineering roles

  • Hands-on experience conducting threat modeling and cybersecurity risk assessments

  • Knowledge of secure software development lifecycle (SSDLC) practices and application security concepts

  • Familiarity with cybersecurity frameworks and compliance standards including: RMF, NIST 800-53, NIST 800-171, CMMC, DFARS

  • Experience supporting security authorization activities such as ATO processes and security documentation development, and eMASS

  • Strong analytical, troubleshooting, and technical communication skills

  • Ability to operate effectively in a fast-paced startup environment

  • Must be a U.S. Citizen eligible for government facilities and sensitive information

Preferred Requirements

  • Active Security Clearance

  • Experience supporting defense, aerospace, government contracting, or regulated technology environments

  • Experience securing embedded systems, sensor platforms, or edge computing technologies

  • Familiarity with export control requirements including ITAR and EAR

  • Experience with secure DevSecOps pipelines and automation practices

  • Experience with Microsoft GCC High environments and regulated cloud architectures

  • Firmware development experience, BIOS/UEFI security or development experience, Hardware security design experience, Trusted Platform Module (TPM), secure boot, cryptographic hardware, or supply chain security knowledge

  • Experience with scripting or automation using Python, PowerShell, or Bash

  • Security certifications such as CISSP, CSSLP, GSEC, Security+, or equivalent

About the Role

CHAOS Industries is redefining modern defense with a multi-product portfolio that gives the ultimate advantage—domain dominance. The company's products are powered by Coherent Distributed Networks (CDN™), empowering warfighters, commercial air operators, and border protection teams to act faster, adapt rapidly, and stay ahead of evolving threats. CHAOS Industries was founded in 2022 and has raised a total of $1 billion in funding from leading investors, including 8VC, Accel, and Valor Equity Partners. The company is headquartered in Los Angeles, with offices in Washington, D.C., San Francisco, San Diego, Seattle, and London. For more information, please visit www.chaosinc.com.

Similar jobs