Senior Application Security Engineer

Devens, MA
Corporate Operations – IT /
Full-time /
Remote
Commonwealth Fusion Systems (CFS) has the fastest, lowest cost path to commercial fusion energy.

CFS collaborates with MIT to leverage decades of research combined with groundbreaking new high-temperature superconducting (HTS) magnet technology. HTS magnets will enable compact fusion power plants that can be constructed faster and at lower cost. Our mission is to deploy these power plants to meet global decarbonization goals as fast as possible. To that end, CFS has assembled a team of leaders in tough tech, fusion science, and manufacturing with a track record of rapid execution. Supported by the world’s leading investors, CFS is uniquely positioned to deliver limitless, clean, fusion power to combat climate change. To implement this plan, we are looking to add dedicated people to the team who treat people well, improve our work by adding multifaceted perspectives and new ways of solving problems, have achieved outstanding results through a range of pursuits, and have skills and experience related to this role.

The Senior Application Security Engineer reports to the Director of Cybersecurity and is primarily responsible for application and cloud infrastructure security at CFS. As part of a team of cybersecurity engineers, the role provides systems administration for cybersecurity operations and security advice to advance the cybersecurity program. This may include assisting in the implementation and administration of systems, ranging from firewalls to SIEM, DLP, network security, threat intelligence, vulnerability management, DevSecOps, OT, and EDR. This role includes strong collaboration with internal IT teams, as well as the promotion of cybersecurity awareness and training.

This team member will:

    • Partner with various software development teams to enhance our secure SDLC efforts
    • Advance the security of our IaaS and codebase in a DevOps environment, from development to production (e.g. SAST, APIs, DAST, IaC, WAF, CSPM, CWPP)
    • Assist with vulnerability management and threat intelligence, tracking and mitigating threats as necessary
    • Seek opportunities to apply automation and DevSecOps thinking, via threat intelligence analysis, security orchestration, and other operational efficiencies
    • Contribute to the administration of cybersecurity tools needed to achieve the cybersecurity mandate (SIEM, DLP, IAM, PAM, EPP/EDR, MDM, etc.)
    • Maintain current knowledge of new products and industry trends, and recommends enhancements and purchases that allow CFS to maintain a healthy and functional environment
    • Provide technical consulting to management, business users, and technical associates to ensure that applications and platforms are secure
    • Architect, design, implement, maintain and operate information system security controls and countermeasures; documents the operation, use, and expected outputs of these systems
    • Analyze and recommend security controls and procedures in business processes related to use of information systems and assets, and provides oversight to ensure compliance and alignment with security standards/frameworks (NIST 800-53)
    • Help promote a culture of cybersecurity awareness via outreach and training

The ideal candidate will have most, if not all, of these requirements:

    • Bachelor degree in Cybersecurity, Computer Science or equivalent experience
    • Relevant certification in the Cybersecurity field (CISSP preferred)
    • 5 years experience in a hands-on application security focused role
    • Experience securing IaaS (AWS) and cloud-native applications in a DevOps environment, from development to production (e.g. SAST, APIs, DAST, IaC, WAF, CSPM, CWPP, BSIMM, SAMM)
    • Demonstrated ability to apply fundamental cybersecurity and IT concepts to tasks and projects
    • Ability to work in a fast-paced environment and prioritize tasks/projects
    • DevSecOps/automation of security tasks
    • Excellent analytical and problem solving skills, and attention to detail
    • Evidence of personal focus on continuous learning

Additional experience and/or qualifications:

    • AWS Security certification
    • Hands-on experience managing enterprise security technologies (SIEM, firewall, IDS/IPS, EPP/EDR, IAM, DLP, etc.)
    • Familiarity with regulatory, compliance, and security frameworks (NIST, ISO, SOC 2)
    • Computer forensics
    • Ability to type, stand, and sit for extended periods of time
    • Willingness to occasionally travel or work required nights/weekends/on-call
    • Work in a facility that contains industrial hazards including heat, cold, noise, fumes, strong magnets, lead (Pb), high voltage, high current, pressure systems, and cryogenics
    • #LI-Remote
$80,000 - $180,000 a year
Salary range for this full-time position + equity + benefits. The actual salary will depend on level, location, qualifications, and experience. The range displayed on each job posting reflects the minimum and maximum target for new hire salaries for the position across all US locations.
CFS team members thrive in a fast-paced, dynamic environment and have demonstrated exceptional results through a range of different pursuits. We all tightly align with our company values of integrity, execution, impact and self-critique. As we grow, we are looking to add talented people who are mission driven and bring diverse perspectives and new ways of solving problems.

At CFS, we deeply value diversity and are an equal opportunity employer by choice. We consider all qualified applicants equally for employment. We do not discriminate on the basis of race, color, national origin, ancestry, citizenship status, protected veteran status, religion, physical or mental disability, marital status, sex, sexual orientation, gender identity or expression, age, or any other basis protected by law, ordinance, or regulation.