Cybersecurity Engineer, Product Security

CHAOS Industries is redefining modern defense with a multi-product portfolio that gives the ultimate advantage—domain dominance. The company's products are powered by Coherent Distributed Networks (CDN™), empowering warfighters, commercial air operators, and border protection teams to act faster, adapt rapidly, and stay ahead of evolving threats.  CHAOS Industries was founded in 2022 and has raised a total of $1 billion in funding from leading investors, including 8VC, Accel, and Valor Equity Partners. The company is headquartered in Los Angeles, with offices in Washington, D.C., San Francisco, San Diego, Seattle, and London. For more information, please visit www.chaosinc.com . Role Overview: We are seeking a Cybersecurity Engineer focused on Product Security to help design, assess, and secure our next-generation sensor platforms and supporting software ecosystems. This role will work closely with Software Engineering, Embedded Systems, Hardware Engineering, Infrastructure, and Program teams to ensure security is integrated throughout the product lifecycle — from architecture and development through deployment and operational support.   The ideal candidate has experience securing complex software and hardware systems within defense, aerospace, or other highly regulated environments. This individual will lead software security architecture efforts, perform threat modeling and risk assessments, support compliance initiatives, and help establish secure engineering standards across the organization.   This is a highly collaborative and hands-on role with direct impact on the security and resiliency of mission-critical technologies deployed in operational environments.   Responsibilities:   Product Security Engineering   Design and implement secure software and hardware system architectures for mission-critical platforms and supporting infrastructure    Partner with engineering teams to integrate security requirements throughout the software development lifecycle (SDLC)    Conduct architecture reviews and identify security risks across software, embedded, cloud, and hardware systems    Develop secure design standards, engineering guidance, and product security best practices    Support secure development initiatives including code review, dependency management, secrets management, and vulnerability remediation    Threat Modeling & Risk Assessment   Lead threat modeling exercises for software, embedded systems, hardware platforms, and supporting infrastructure    Conduct cybersecurity risk assessments for products, systems, and operational environments    Identify attack surfaces, trust boundaries, and potential exploitation paths    Work with engineering teams to prioritize and remediate identified security risks    Develop mitigation strategies for cybersecurity threats impacting deployed systems and sensitive technologies    Compliance & Security Authorization   Support cybersecurity compliance initiatives and product authorization efforts including:    RMF (Risk Management Framework)    ATO (Authority to Operate)    Export control and regulated data handling requirements    Assist with development of system security documentation, security controls, SSPs, and assessment artifacts    Support internal and external security audits, assessments, and accreditation activities    Collaborate with government, customer, and program stakeholders on security requirements and authorization activities    Security Testing & Validation   Assist with security testing activities including vulnerability assessments, penetration testing coordination, and validation of remediation efforts    Support secure configuration and hardening efforts across software, operating systems, and embedded environments    Review software and system telemetry to identify potential security weaknesses or anomalous behavior    Collaborate with Security Operations and Infrastructure teams to improve enterprise and product security visibility    Cross-Functional Collaboration   Work closely with Software, Embedded, Hardware, DevOps, and Infrastructure teams to balance security, performance, and operational requirements    Contribute to the development of scalable product security processes and governance    Support customer and internal security reviews related to deployed technologies and operational environments    Mentor engineering teams on secure development and security-by-design principles      Minimum Requirements:   5+ years of experience in cybersecurity engineering, product security, application security, or related engineering roles    Experience with software security design and secure system architecture principles    Hands-on experience conducting threat modeling and cybersecurity risk assessments    Knowledge of secure software development lifecycle (SSDLC) practices and application security concepts    Familiarity with cybersecurity frameworks and compliance standards including:    RMF    NIST 800-53    NIST 800-171    CMMC    DFARS    Experience supporting security authorization activities such as ATO processes and security documentation development, and eMASS   Understanding of cloud, endpoint, network, and identity security concepts    Strong analytical, troubleshooting, and technical communication skills    Ability to operate effectively in a fast-paced startup environment    Must be a U.S. Citizen eligible for government facilities and sensitive information Ability to obtain additional security clearances as required by contract Preferred Requirements:   Active Security Clearance Experience supporting defense, aerospace, government contracting, or regulated technology environments    Experience securing embedded systems, sensor platforms, or edge computing technologies    Familiarity with export control requirements including ITAR and EAR