Senior Staff Cybersecurity Engineer, Platform Security (R5219)

Posted Yesterday
Be an Early Applicant
San Diego, CA, USA
In-Office
160K-240K Annually
Senior level
Aerospace • Artificial Intelligence • Machine Learning • Robotics • Software
Our mission is to protect service members and civilians with intelligent systems.
The Role
Lead design and implementation of secure-by-default infrastructure: build IaC modules, CI/CD templates, policy-as-code guardrails, and platform security tooling. Embed pipeline and supply-chain security, enforce least-privilege identity, operate defenses as self-service products, review high-risk designs, and set technical direction while mentoring engineers.
Summary Generated by Built In
Founded in 2015, Shield AI is a venture-backed defense-tech company with the mission of protecting service members and civilians with intelligent systems. Its products include Hivemind autonomy software and V-BAT and X-BAT aircraft. With offices and facilities across the U.S., Europe, the Middle East, and Asia-Pacific, Shield AI’s technology actively supports operations worldwide. For more information, visit www.shield.ai. Follow Shield AI on LinkedIn, X, Instagram, and YouTube. 

Job Description:

You'll be the senior technical owner for paved roads and secure-by-default engineering on the Security Engineering team. Your job is not to review and say no — it is to engineer the secure defaults, golden paths, and guardrails-as-code that make the secure way to build the easy way to build, across cloud, infrastructure, and CI/CD.

You will design, build, and operate the IaC modules, pipeline templates, internal libraries, and policy-as-code controls that the rest of the company consumes. You will engineer guardrails that block or flag the insecure path automatically, and replace recurring manual security work with durable mechanisms that don't depend on anyone remembering to do the right thing. As one of the most senior engineers on the team, you'll help shape and drive the technical direction for how secure-by-default works at Shield AI — partnering closely with a hands-on engineering lead — and raise the bar for everyone building on top of it.

This is a hands-on, build-heavy role. We are credible because we are technical — you'll read the code, the configs, the telemetry, and the architecture, and ship solutions durable enough to run without you.

What you'll do:

  • Build the secure defaults: Infrastructure-as-Code modules, CI/CD pipeline templates, internal libraries, and golden-path scaffolding that make the secure choice the easy choice.
  • Engineer guardrails as code — policy-as-code (OPA/Conftest), admission controllers, cloud guardrails (SCPs / org policy), and pre-commit and CI checks — so the insecure path is blocked or flagged automatically.
  • Own the platform security tooling that other teams consume, so they don't have to build their own; replace recurring manual work with durable, self-service mechanisms.
  • Embed security into the software and infrastructure supply chain: pipeline security, build/artifact integrity, dependency and container scanning, and secrets management.
  • Engineer workload and service identity controls (least privilege, short-lived credentials, federated trust) so zero-standing-privilege is real and observable.
  • Write and maintain production-quality code and infrastructure that backs these controls.
  • Partner with platform, infrastructure, and product engineering teams early — review high-blast-radius designs against the internal Security Engineering standard while the design can still change, and turn recurring findings into a missing paved road, not just another fix.
  • Set technical direction and standards for secure-by-default; document them so they can be applied without us, and mentor and raise the bar for other engineers.

Required qualifications:

  • Extensive experience in security engineering, platform/infrastructure engineering, DevSecOps, or a closely related field, with a track record of owning complex systems end-to-end.
  • Strong software engineering ability — you write, review, and ship production-quality code (any modern language) and treat infrastructure as software.
  • Hands-on experience building secure-by-default mechanisms: Infrastructure-as-Code, CI/CD pipeline security, and policy/guardrails as code.
  • Deep working knowledge of at least one major cloud provider and its security and identity model.
  • Demonstrated ability to design durable, automated solutions that reduce real risk without becoming a bottleneck — and to make explicit tradeoffs between security and the business.
  • Strong communication: you can explain a security concept to a product engineer in their language and to a leader in business terms, and you write recommendations people can act on.

Preferred qualifications:

  • Strong DevSecOps background with hands-on Kubernetes (admission control, OPA/Gatekeeper, workload identity) and Terraform (reusable secure modules, policy-as-code).
  • Production coding experience in Go, Python, and/or Rust; comfortable with scripting/automation in Bash and PowerShell.
  • Depth in Azure security and identity (Entra ID, Azure Policy, Management Group guardrails).
  • Experience securing AI/ML systems, pipelines, or workloads.
  • Offensive security / red team experience, with the ability to think like an attacker and translate those findings into stronger defaults and guardrails.
  • Experience with supply-chain security (SLSA, sigstore/cosign, SBOMs), container/image hardening, and secrets management.
  • Experience operating security tooling as an internal product consumed self-service by other engineering teams.
  • Bachelor's degree or equivalent professional certification and experience.

#LI-HM1
#LE

Full-time regular employee offer package:
Pay within range listed + Bonus + Benefits + Equity
 
Temporary employee offer package:
Pay within range listed above + temporary benefits package (applicable after 60 days of employment)
 
Salary compensation is influenced by a wide array of factors including but not limited to skill set, level of experience, licenses and certifications, and specific work location. All offers are contingent on a cleared background and possible reference check. Military fellows and part-time employees are not eligible for benefits. Please speak to your talent acquisition representative for more information.
 
###
 
Shield AI is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, marital status, disability, gender identity or Veteran status. If you have a disability or special need that requires accommodation, please let us know. 

Skills Required

  • Extensive experience in security engineering, platform/infrastructure engineering, DevSecOps, or closely related field with end-to-end ownership of complex systems
  • Strong software engineering ability: write, review, and ship production-quality code and treat infrastructure as software
  • Hands-on experience building secure-by-default mechanisms: Infrastructure-as-Code, CI/CD pipeline security, and policy/guardrails as code
  • Deep working knowledge of at least one major cloud provider and its security and identity model
  • Demonstrated ability to design durable, automated solutions that reduce risk without becoming a bottleneck and make security tradeoffs
  • Strong communication skills: explain security concepts to engineers and leaders and write actionable recommendations

What the Team is Saying

Dylan
Mo
Willy
Michael
Vibhav
Kirby
Ryan
Evan

Shield AI Compensation & Benefits Highlights

  • Healthcare Strength Company materials describe excellent medical, dental, and vision coverage alongside a mental‑health EAP. Site perks such as an onsite gym in DC and a gym discount in San Diego support a health‑focused offering.
  • Retirement Support Careers materials highlight a 401(k) with company match as part of the standard package. A Total Rewards overview emphasizes retirement features within a broader, transparent compensation view.
  • Career-Linked Recognition & Rewards Compensation for in‑demand technical and senior go‑to‑market roles is described as competitive, with visible engineering ranges and top‑end packages. This points to meaningful upside tied to role, level, and scarce skills.

Shield AI Insights

Am I A Good Fit?
beta
Get Personalized Job Insights.
Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.

The Company
HQ: Port Melbourne, Victoria
Year Founded: 2015

What We Do

Founded in 2015, Shield AI is a venture-backed deep-tech company with the mission of protecting service members and civilians with intelligent systems. Its products include the V-BAT and X-BAT aircraft, Hivemind Enterprise, and the Hivemind Vision product lines. With offices and facilities across the U.S., Europe, the Middle East, and the Asia-Pacific, Shield AI’s technology actively supports operations worldwide.

Why Work With Us

What makes Shield AI special is our people. We unlock the power of autonomy, and in the face of overwhelming odds and challenges, we find ways to win and make a difference for our customers. We bring together software, AI, and aerospace engineering disciplines to deploy the most intelligent aviation capabilities in the world.

Gallery

Gallery

Shield AI Offices

Hybrid Workspace

Employees engage in a combination of remote and on-site work.

Typical time on-site: 3 days a week
HQMelbourne, Victoria
HQSan Diego, CA
Abu Dhabi, AE
Arlington, VA
Boston, US
Frisco, US
Kyiv, UA
Melbourne, AU
Oslo, NO
Prosper, TX
Taipei City, TW
Taipei City, TW
Waltham, MA
Washington, US
Learn more

Similar Jobs

Shield AI Logo Shield AI

Senior Staff Verification and Validation Engineer (R4835)

Aerospace • Artificial Intelligence • Machine Learning • Robotics • Software
In-Office
2 Locations
170K-240K Annually

Shield AI Logo Shield AI

Senior Engineer

Aerospace • Artificial Intelligence • Machine Learning • Robotics • Software
In-Office
2 Locations
95K-200K Annually

Shield AI Logo Shield AI

Staff Software Engineer

Aerospace • Artificial Intelligence • Machine Learning • Robotics • Software
In-Office
3 Locations
188K-281K Annually

Shield AI Logo Shield AI

Marketing Manager

Aerospace • Artificial Intelligence • Machine Learning • Robotics • Software
In-Office or Remote
3 Locations
110K-166K Annually

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account