Information Systems Security Engineer

Boston
Business Operations – IT /
Full Time /
Hybrid
Apply for this job
About Merlin:
Merlin is a venture backed aerospace startup building a non-human pilot to enable both reduced crew and uncrewed flight. Backed by some of the world’s leading investors, Merlin is scaling alongside our customers to begin leveraging autonomy today to solve some of aviation’s biggest challenges.

About you: 
You're a seasoned expert in enterprise and classified environments, with a deep mastery of design, implementation, and maintenance to build secure, high-performance systems. You prioritize streamlined processes, automation, and immutability, ensuring everything runs like a well-oiled machine. With confidence across networking, reliability, and risk management, you navigate complex domains with precision and ease.

Responsibilities:

    • Implement and ensure compliance with applicable security policies including RMF, NISPOM, JSIG, NIST SP 800-53, STIGs, and DoD guidelines.
    • Conduct security assessments, risk analysis, and vulnerability testing on systems, networks, and applications.
    • Integrate security controls into systems throughout the systems development life cycle (SDLC).
    • Coordinate with IT, development, and operations teams to ensure consistent and secure implementation of systems.
    • Provide security guidance during procurement, design reviews, and implementation phases.
    • Assist in incident response and forensic analysis in case of a security breach or anomaly.
    • Participate in security audits and compliance assessments.

Qualifications:

    • Active security clearance. Eligibility for SCI is a plus.
    • 5+ years of experience in cybersecurity and/or DevOps roles
    • Deep understanding of the RMF process including NIST SP 800-53
    • Experience with security tools such as SIEMs, vulnerability scanners, ACAS, Nessus, SCAP
    • Knowledge of firewall configuration, intrusion detection systems (IDS), and identity/access management.
    • Familiarity with cloud security principles (e.g., AWS, Azure, GCP).
    • Security certifications such as CISSP, Security+, or equivalent (DoD 8570 / DoD 8140)
This position is based on-site at Merlin HQ in Boston, MA. We offer flexible hybrid in office schedules.

We understand that relocating for a new role is a significant decision, and we’re here to support you every step of the way. That’s why we offer comprehensive relocation assistance to help make your transition as seamless as possible. From covering moving expenses to providing guidance on finding housing, we aim to ensure your relocation experience is stress-free.

Additionally, once you’re here, you’ll enjoy a variety of on-site perks designed to make your workday enjoyable and convenient. These include catered lunches featuring a rotating menu of delicious options, an assortment of snacks to keep you fueled throughout the day, and a selection of beverages, including coffee, tea, and other drinks, to keep you refreshed.

Our goal is to create an environment where you can thrive both professionally and personally

Merlin Labs offers an innovative, entrepreneurial, and team-focused startup environment. We also offer a top-notch benefits package (health, dental, life, unlimited vacation, and 401k with match) and work/life integration. Being part of the Merlin team allows you to become part of a small team that supports professional development while working together to achieve our mission.

Merlin Labs is an equal opportunity employer and values diversity. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status or disability
status. All job offers are contingent upon the candidate passing background, and reference checks. 

At this time, we are unable to provide visa sponsorship or consider candidates who require visa transfers. Applicants must be authorized to work in the United States without the need for visa sponsorship now or in the future.

If you require reasonable accommodation in completing an application, interviewing, completing any pre-employment testing, or otherwise participating in the employee selection process, please direct your inquiries to people@merlinlabs.com

Merlin Labs does not accept unsolicited resumes from any source other than directly from candidates.
Apply for this job

Merlin Labs Home Page

Jobs powered by Lever logo