Senior Data Protection Engineer, Classified Systems
About The Team
Anduril builds and operates the systems that protect our most sensitive work. We're a small, high-trust group with an outsized mandate — and this role is the first of its kind on the team, giving you the latitude to define data protection for Classified Systems from the ground up.
About The Job
As a Senior Data Protection Engineer on our Classified Systems team, you'll own how sensitive data is protected across some of the most secure environments in the country. This is an architecture-and-practice-building role: you'll dive deep into our environment, design the data protection architecture for Classified Systems, and work side by side with stakeholders and engineers to execute it — implementing the policies, controls, and processes that keep classified data handled correctly end to end.
What You’ll Do
- Start by diving into our Classified Systems environment — mapping how sensitive data is created, stored, moved, and accessed today, and identifying where protection is needed most.
- Design the data protection architecture for Classified Systems — the controls, data flows, and safeguards that protect sensitive information end to end — and partner with stakeholders and engineers across our teams to execute it.
- Define the policies, processes, and standards for data protection and handling — both logical (access controls, classification, monitoring) and physical (storage, transport, and destruction of media) — and build the practice that operationalizes them.
- Deliver an end-to-end solution complete with mitigation — including the automation and incident response needed to handle data spillages and other data-protection events when they arise.
Required Qualifications
- Active Top Secret/SCI security clearance (required; candidates must currently hold this clearance).
- 7+ years of experience spanning security engineering and security architecture, with a track record of both designing solutions and building them hands-on in production environments.
- Demonstrated experience both designing and implementing data protection or security architectures across diverse environments — endpoints, file shares, cloud storage, collaboration tools, and on-prem systems.
- Proficiency in scripting and automation (e.g., Python, PowerShell, Bash) to implement controls and operationalize data protection at scale.
- Deep understanding of data classification, handling, and lifecycle protection — including both logical and physical controls — in a classified or regulated environment.
- Proven ability to lead architecture and process work end to end in ambiguous, greenfield settings — setting technical direction, aligning stakeholders and engineers, and influencing without formal authority.
Preferred Qualifications
- Experience supporting classified programs or working within a U.S. government / defense contractor security environment.
- Experience applying security and data governance frameworks (e.g., NIST 800-53/800-171, CMMC, zero-trust) to architecture and policy decisions.
- Experience designing and deploying data protection controls (e.g., DLP, encryption, access governance) and the detections that monitor them.
- Experience standing up a new security or data protection practice and driving it across a cross-functional organization.
- Experience mentoring engineers and setting technical standards that outlast any single project.
- Relevant certifications (e.g., CISSP, CISSP-ISSAP, CCSP, Security+, or equivalent architecture/governance credentials).