Platform Security Engineer

LED FastStart - New Orleans, LA

About The Position

Saronic Technologies is a leader in defense autonomy at sea. We’re seeking a Platform Security Engineer to secure the cloud/edge where vessels, operators, and customers meet. You’ll own identity and access patterns, secrets and key management, secure network posture, and policy-as-code guardrails—working across AWS (including GovCloud), Terraform infrastructure, and service code to deliver trustworthy, auditable systems.

Senior Engineers: 3+ years securing production cloud platforms (identity, secrets/KMS, network posture), preferably in autonomy, robotics, aerospace, or defense.

Staff Engineers: 8+ years including technical leadership across secure-by-default platform modules, short-lived credential issuance, and cross-account policy design; demonstrated ownership from design through operational rollout.

Requirements

  • Bachelor’s or Master’s degree in Computer Science, Software/Computer/Electrical Engineering, or a related field.
  • 3+ years building on AWS with Terraform (ALB/ELB, IAM, KMS, Secrets Manager, Route53, VPC/SGs).
  • Strong knowledge of cryptographic and IAM fundamentals (key policies, rotation, certificates, OIDC/OAuth2).
  • Demonstrated experience enforcing IMDSv2, least-privilege roles, and network controls at scale.
  • Experience designing secure protocols/APIs and integrating auth into service code (e.g., Go/Rust/TypeScript).
  • Proven ability to perform threat modeling and conduct design/code security reviews.
  • Excellent problem-solving and communication skills; effective collaboration across platform, embedded, and field teams.
  • This role requires the ability to obtain and maintain a security clearance.
  • This role requires access to export-controlled information or items that require “U.S. Person” status. As defined by U.S. law, individuals who are any one of the following are considered to be a “U.S. Person”: (1) U.S. citizens, (2) legal permanent residents (a.k.a. green card holders), and (3) certain protected classes of asylees and refugees, as defined in 8 U.S.C. 1324b(a)(3).

Nice To Haves

  • Experience in AWS GovCloud, multi-account landing zones, and cross-account KMS/Secrets patterns
  • Familiarity with fleet/overlay VPN access control and short-lived credential issuance
  • Policy-as-code guardrails (e.g., OPA/Conftest, Terraform validations), drift detection, and CI integration
  • Centralized logging/SIEM and cloud threat detection (e.g., CloudTrail, GuardDuty) with audit readiness
  • PKI/CA management and, ideally, hardware roots of trust (TPM/secure elements) at the edge
  • DoD/defense domain familiarity and prior work under export-controlled constraints

Responsibilities

  • Design, develop, and maintain secure-by-default infrastructure on AWS using Terraform (ALB/OIDC, IAM, KMS, Secrets Manager, Route53, VPC/SGs).
  • Standardize OIDC at the edge (ALB/ingress) for internal and external applications; define scopes, claims, and token lifecycles.
  • Own secrets and key management: KMS key policies, rotation schedules, cross-account access, and automated issuance for services and tools.
  • Enforce IMDSv2 required, least-privilege IAM roles, and tight security groups across modules; add CI/policy checks to prevent regressions.
  • Design secure protocols/APIs for service↔service and boat↔cloud communication (mTLS/TLS, certificate issuance/rotation, revocation).
  • Manage short-lived credentials used by fleet/overlay services; implement rotation, auditing, and incident response runbooks.
  • Prefer service-mediated S3 access over broad pre-signed URLs; codify bucket policies, logging, and access boundaries.
  • Build centralized, tamper-evident logging and audit trails; integrate detections and metrics to validate control effectiveness.
  • Perform threat modeling and security reviews; document patterns and drive adoption via reusable modules and guides.
  • Troubleshoot complex security issues in production; lead post-incident reviews and drive remediation to closure.
  • Stay current on cloud security best practices, especially for defense/government environments.

Benefits

  • Medical Insurance: Comprehensive health insurance plans covering a range of services
      • Saronic pays 100% of the premium for employees and 80% for dependents
  • Dental and Vision Insurance: Coverage for routine dental check-ups, orthodontics, and vision care
      • Saronic pays 100% of the premium under the basic plan for employees and 80% for dependents
  • Time Off: Generous PTO and Holidays
  • Parental Leave: Paid maternity and paternity leave to support new parents
  • Competitive Salary: Industry-standard salaries with opportunities for performance-based bonuses
  • Retirement Plan: 401(k) plan
  • Stock Options: Equity options to give employees a stake in the company’s success
  • Life and Disability Insurance: Basic life insurance and short- and long-term disability coverage
  • Pet Insurance: Discounted pet insurance options including 24/7 Telehealth helpline
  • Additional Perks: Free lunch benefit and unlimited free drinks and snacks in the office