Design and implement secure software and hardware system architectures for mission-critical platforms and supporting infrastructure
Partner with engineering teams to integrate security requirements throughout the software development lifecycle (SDLC)
Conduct architecture reviews and identify security risks across software, embedded, cloud, and hardware systems
Develop secure design standards, engineering guidance, and product security best practices
Support secure development initiatives including code review, dependency management, secrets management, and vulnerability remediation
Threat Modeling & Risk Assessment
Lead threat modeling exercises for software, embedded systems, hardware platforms, and supporting infrastructure
Conduct cybersecurity risk assessments for products, systems, and operational environments
Identify attack surfaces, trust boundaries, and potential exploitation paths
Work with engineering teams to prioritize and remediate identified security risks
Develop mitigation strategies for cybersecurity threats impacting deployed systems and sensitive technologies
Compliance & Security Authorization
Support cybersecurity compliance initiatives and product authorization efforts including:
RMF (Risk Management Framework)
ATO (Authority to Operate)
Export control and regulated data handling requirements
Assist with development of system security documentation, security controls, SSPs, and assessment artifacts
Support internal and external security audits, assessments, and accreditation activities
Collaborate with government, customer, and program stakeholders on security requirements and authorization activities
Security Testing & Validation
Assist with security testing activities including vulnerability assessments, penetration testing coordination, and validation of remediation efforts
Support secure configuration and hardening efforts across software, operating systems, and embedded environments
Review software and system telemetry to identify potential security weaknesses or anomalous behavior
Collaborate with Security Operations and Infrastructure teams to improve enterprise and product security visibility
Cross-Functional Collaboration
Work closely with Software, Embedded, Hardware, DevOps, and Infrastructure teams to balance security, performance, and operational requirements
Contribute to the development of scalable product security processes and governance
Support customer and internal security reviews related to deployed technologies and operational environments
Mentor engineering teams on secure development and security-by-design principles
Minimum Requirements:
5+ years of experience in cybersecurity engineering, product security, application security, or related engineering roles
Experience with software security design and secure system architecture principles
Hands-on experience conducting threat modeling and cybersecurity risk assessments
Knowledge of secure software development lifecycle (SSDLC) practices and application security concepts
Familiarity with cybersecurity frameworks and compliance standards including:
RMF
NIST 800-53
NIST 800-171
CMMC
DFARS
Experience supporting security authorization activities such as ATO processe
Benefits
Equity / stock options
Additional Information
CHAOS Industries is redefining modern defense with a multi-product portfolio that gives the ultimate advantage-domain dominance. The company's products are powered by Coherent Distributed Networks (CDN™), empowering warfighters, commercial air operators, and border protection teams to act faster, adapt rapidly, and stay ahead of evolving threats.
CHAOS Industries was founded in 2022 and has raised a total of $1 billion in funding from leading investors, including 8VC, Accel, and Valor Equity Partners. The company is headquartered in Los Angeles, with offices in Washington, D.C., San Francisco, San Diego, Seattle, and London. For more information, please visit www.chaosinc.com .
Role Overview:
We are seeking a Cybersecurity Engineer focused on Product Security to help design, assess, and secure our next-generation sensor platforms and supporting software ecosystems. This role will work closely with Software Engineering, Embedded Systems, Hardware Engineering, Infrastructure, and Program teams to ensure security is integrated throughout the product lifecycle - from architecture and development through deployment and operational support.
The ideal candidate has experience securing complex software and hardware systems within defense, aerospace, or other highly regulated environments. This individual will lead software security architecture efforts, perform threat modeling and risk assessments, support compliance initiatives, and help establish secure engineering standards across the organization.
This is a highly collaborative and hands-on role with direct impact on the security and resiliency of mission-critical technologies deployed in operational environments.
Chaosindustries · San Francisco, CA