Application Security Engineer

Mission 

As Security Engineer you will design, integrate, and harden Slingshot’s software and infrastructure in classified government environments. You will deploy secure enclaves, enforce DevSecOps practices, and ensure systems are hardened, resilient, and compliant. This role is mission critical. If systems are not hardened and compliant, the SME cannot secure the ATO and mission progress halts. Success requires a hands on engineer who thrives in complexity, moves fast under pressure, and brings a mission first can do mindset to cleared programs. 

What You Will Do 

• Engineer hardened Linux based and containerized systems for air gapped and enclave deployments 
• Build and maintain secure CI/CD pipelines, enclave build processes, and hardened OS images 
• Perform secure code reviews, threat modeling, and integrate AppSec scanning including SAST, DAST, IaC, and SBOM validation 
• Deploy hybrid and on prem IAM solutions including RBAC, MFA, PAM, and directory services for classified enclaves 
• Apply CIA triad principles to strengthen system security and reliability 
• Execute vulnerability management, CVE remediation, and produce Software Assurance Reports 
• Draft system architecture and boundary diagrams supporting ATO and audit packages 
• Apply DISA STIGs, CIS Benchmarks, and DoD hardening standards to enclave deployments 
• Work with primes, subcontractors, and government ISSMs to ensure systems are hardened and auditable 
• Automate compliance enforcement to reduce manual overhead in secure builds 
• Support incident detection and response in classified environments
• Secure internal SaaS, productivity tools, and collaboration platforms
• Manage vulnerabilities, harden corporate applications, and assist with audit-driven remediation
• Support best DevOps practices across company products and services as well as internal tools

Required Qualifications 

• Active TS/SCI clearance (polygraph if applicable) 
• U.S. Citizenship (no duals) 
• 7 plus years in security engineering or systems engineering for cleared government programs 
• Direct experience in enclave or air gapped deployments supporting ATO accreditation 
• Strong coding and scripting ability including Python, Go, Bash, YAML 
• Knowledge of NIST 800 171, CMMC 2.0, DoD RMF, FedRAMP, and CNSSI 1253 
• Experience implementing DISA STIGs, CIS Benchmarks, and enclave hardening standards 
• Certifications such as CISSP, Security+, and OSCP or equivalent 

Preferred Qualifications 

• 10 plus years of experience in security engineering or systems engineering supporting cleared DoD or IC programs 
• Direct experience implementing and validating DISA STIGs, CIS Benchmarks, and DoD Secure Configuration Guidance in classified environments 
• Hands on experience with cross domain solutions and enclave to enclave data flow protections 
• Expertise integrating DevSecOps practices in air gapped CI/CD pipelines with automated compliance checks 
• Experience deploying and securing AI and ML workloads in classified settings including GPU isolation, model artifact protection, and sensitive data boundary enforcement 
• Familiarity with advanced FedRAMP and DoD approved stacks including M365 GCC High, Okta FedRAMP, CrowdStrike GovCloud, and Zscaler for Government 
• Deep knowledge of cryptography, PKI, key management, enclave networking, and secure hybrid cloud integration 
• Experience drafting technical documentation and presenting to customer design reviews, TRBs, and accreditation boards 
• Container and Kubernetes security experience including hardened builds and cluster defense in classified environments 
• Infrastructure as Code (IaC) security expertise with Terraform, Ansible, or similar tooling 
• Reverse engineering and exploit mitigation skills in enclave settings 
• Cross platform expertise across Linux, Windows, and hybrid operating systems in air gapped environments 
• Network segmentation and microsegmentation design for high side environments 
• Zero Trust architecture implementation in hybrid and enclave deployments 
• Red team and penetration testing support to validate enclave hardening 
• Experience supporting IT and cyber operations inside SCIFs or other secure facilities 
• Advanced certifications strongly preferred including OSCE, CISSP ISSEP, GIAC GSE, or equivalent 

Why This Role 

This role is hands on and mission critical. If systems are not secured to the highest standards, the SME cannot deliver an ATO and the program will not move forward. You will be the engineer who ensures Slingshot’s technology is trusted and deployable in the most sensitive environments, enabling programs to succeed and missions to be accomplished. 

Location: US based Remote with onsite travel to secure customer environments

Clearance Required: Active TS/SCI (polygraph if applicable) 

Employment Type: Full Time 

Reports To: Senior Director of Information Security and IT 

Location: Remote

Travel: 15% - 35%

Salary: $100,000 - $155,000