Cybersecurity Engineer, Product Security

CHAOS Industries is redefining modern defense with a multi-product portfolio that gives the ultimate advantagedomain dominance. The companys products are powered by Coherent Distributed Networks (CDN) empowering warfighters commercial air operators and border protection teams to act faster adapt rapidly and stay ahead of evolving threats.

CHAOS Industries was founded in 2022 and has raised a total of $1 billion in funding from leading investors including 8VC Accel and Valor Equity Partners. The company is headquartered in Los Angeles with offices in Washington D.C. San Francisco San Diego Seattle and London. For more information please visit .

Role Overview:

We are seeking a Cybersecurity Engineer focused on Product Security to help design assess and secure our next-generation sensor platforms and supporting software ecosystems. This role will work closely with Software Engineering Embedded Systems Hardware Engineering Infrastructure and Program teams to ensure security is integrated throughout the product lifecycle from architecture and development through deployment and operational support.

The ideal candidate has experience securing complex software and hardware systems within defense aerospace or other highly regulated environments. This individual will lead software security architecture efforts perform threat modeling and risk assessments support compliance initiatives and help establish secure engineering standards across the organization.

This is a highly collaborative and hands-on role with direct impact on the security and resiliency of mission-critical technologies deployed in operational environments.

Responsibilities:

• Product Security Engineering
  • Design and implement secure software andhardwaresystem architectures for mission-critical platforms and supporting infrastructure
  • Partner with engineering teams to integrate security requirements throughout the software development lifecycle (SDLC)
  • Conduct architecture reviews and identify security risks across software embedded cloud and hardware systems
  • Develop secure design standards engineering guidance and product security best practices
  • Support secure development initiatives including code review dependency management secrets management and vulnerability remediation
• Threat Modeling & Risk Assessment
  • Lead threat modeling exercises for software embedded systems hardware platforms and supporting infrastructure
  • Conduct cybersecurity risk assessments for products systems and operational environments
  • Identify attack surfaces trust boundaries and potential exploitation paths
  • Work with engineering teams to prioritize and remediate identified security risks
  • Develop mitigation strategies for cybersecurity threats impacting deployed systems and sensitive technologies
• Compliance & Security Authorization
  • Support cybersecurity compliance initiatives and product authorization efforts including:
  • RMF (Risk Management Framework)
  • ATO (Authority to Operate)
  • Export control and regulated data handling requirements
  • Assist with development of system security documentation security controls SSPs and assessment artifacts
  • Support internal and external security audits assessments and accreditation activities
  • Collaborate with government customer and program stakeholders on security requirements and authorization activities
• Security Testing & Validation
  • Assist with security testing activities including vulnerability assessments penetration testing coordination and validation of remediation efforts
  • Support secure configuration and hardening efforts across software operating systems and embedded environments
  • Review software and system telemetry to identify potential security weaknesses or anomalous behavior
  • Collaborate with Security Operations and Infrastructure teams to improve enterprise and product security visibility
• Cross-Functional Collaboration
  • Work closely with Software Embedded Hardware DevOps and Infrastructure teams to balance security performance and operational requirements
  • Contribute to the development of scalable product security processes and governance
  • Support customer and internal security reviews related to deployed technologies and operational environments
  • Mentor engineering teams on secure development and security-by-design principles

Minimum Requirements:

• 5 years of experience in cybersecurity engineering product security application security or related engineering roles
• Experience with software security design and secure system architecture principles
• Hands-on experience conducting threat modeling and cybersecurity risk assessments
• Knowledge of secure software development lifecycle (SSDLC) practices and application security concepts
• Familiarity with cybersecurity frameworks and compliance standards including:
• RMF
• NIST 800-53
• NIST 800-171
• CMMC
• DFARS
• Experience supporting security authorization activities such as ATO processes and security documentation development and eMASS
• Understanding of cloud endpoint network and identity security concepts
• Strong analytical troubleshooting and technical communication skills
• Ability to operate effectively in a fast-paced startup environment
• Must be a U.S. Citizen eligible for government facilities and sensitive information
• Ability to obtain additional security clearances as required by contract

Preferred Requirements:

• Active Security Clearance
• Experience supporting defense aerospace government contracting or regulated technology environments
• Experience securing embedded systems sensor platforms or edge computing technologies
• Familiarity with export control requirements including ITAR and EAR
• Experience with secure DevSecOps pipelines and automation practices
• Experience with Microsoft GCC High environments and regulated cloud architectures
• Firmware development experience
• BIOS/UEFI security or development experience
• Hardware security design experience
• Trusted Platform Module (TPM) secure boot cryptographic hardware or supply chain security knowledge
• Experience with scripting or automation using Python PowerShell or Bash
• Security certifications such as CISSP CSSLP GSEC Security or equivalent

Why CHAOS

• Health Benefits: Medical dental and vision benefits 100% paid for by the company
• Additional benefits : 401k ( 50% company match up to 6% of pay) FSA HSA life insurance and more
• Our Perks: Free daily lunch No meeting Fridays unlimited PTO casual dress code
• Compensation Components: Competitive base salaries generous pre-IPO stock option grants relocation assistance and (coming soon!) annual bonuses
• Team Growth: 250 employees and counting across 5 global offices

Salary Range: $110000 - $190000

The stated compensation range reflects only the targeted base compensation range and excludes additional earnings such as bonus equity and benefits. If your compensation requirements fall outside of the range we still encourage you to apply. The salary range for this role is an estimate based on a range of compensation factors inclusive of base salary only. Actual salary offer may vary based on (but not limited to) work experience education and/or training critical skills and/or business considerations.

Recruiting Agencies: CHAOS Industries does not accept unsolicited resumes or outreach. Unsolicited submissions will not be reviewed or compensated.

#LI-onsite

Required Experience:

IC