Corporate Security Engineer
Austin, Texas
Cybersecurity /
Full Time /
On-site
Saronic Technologies is a leader in revolutionizing defense autonomy at sea, dedicated to developing state-of-the-art solutions that enhance maritime operations for the Department of Defense (DoD) through autonomous and intelligent platforms.
As a Corporate Security Engineer, you’ll safeguard the systems that power Saronic’s mission. You’ll engineer, harden, and operate Microsoft 365 and AWS environments to meet defense-grade security requirements while protecting our people, data, and operations.
You’ll own the protection of every employee, system, and credential. Your work will secure the full user lifecycle by automating onboarding/offboarding, protecting remote and traveling employees, and minimizing human-targeted risks like phishing and social engineering.
You will design secure-by-default platforms, automate compliance and monitoring through cloud solutions, and ensure our environments remain resilient, frictionless, and compliant.
At Saronic, security is a force multiplier; security is not a blocker. You will have the autonomy to build and the mandate to innovate, working side-by-side with engineers who are developing technology that directly supports national defense. This role is ideal for someone who wants to own security at scale, shape a defense-grade security program, and see their impact every day.
You’ll thrive here if you’re driven by mission, biased toward action, and enjoy working in a high-trust, low-ego team that values resilience, integrity, and creativity.
Key Responsibilities:
- Cloud and Identity Security
- Administer and secure multiple Microsoft 365 GCC High and Microsoft 365 commercial tenants and AWS GovCloud and commercial accounts to align with NIST SP 800-171, NIST CSF, and ISO 27001 standards
- Configure and harden identity and access management (Entra ID, AWS IAM), data loss prevention (Purview), and conditional access policies to enforce multi-factor authentication, single sign-on, and least privilege
- Implement security guardrails and automation in partnership with IT and DevOps teams using Infrastructure as Code (Terraform, Ansible, CloudFormation)
- Continuously drive security automation and visibility improvements across people, process, and technology
- User and Endpoint Security
- Engineer and enforce secure device baselines and policies via Intune and Jamf for unified endpoint management
- Configure and maintain endpoint protection platforms (Defender, CrowdStrike)
- Secure the user lifecycle through automated identity and device provisioning/de-provisioning, least-privilege enforcement, remote and traveling employee protection, and anomalous behavior monitoring
- Reduce phishing and user-targeted threats through identity hardening, email protections, and user awareness feedback loops
- Network Security
- Engineer and maintain secure network architectures across global offices, remote, and cloud environments through VPNs, network segmentation, DNS filtering, secure network connectivity, and firewall configurations
- Lead vulnerability, configuration, and asset management to maintain secure baselines and visibility across all enterprise systems
- Support incident response through automation, playbooks, and forensic readiness
- Application Security
- Harden and monitor SaaS applications through secure SaaS controls, SSO/SAML enforcement, SCIM provisioning, and least privilege
- Manage shadow IT detection, vendor risk reviews, and data protection
Required Qualifications:
- 3+ years proven experience administering and securing Microsoft 365 through Intune + Jamf, Entra ID, Defender, Purview, and Sentinel
- Hands-on experience securing AWS environments, including secure configurations of IAM, GuardDuty, CloudTrail, Config, Security Hub, and encryption/key management controls
- Proven proficiency in scripting and automation (i.e., Python, PowerShell, Bash)
- Familiarity with cloud and identity ecosystems (i.e., Azure, AWS, Okta, Entra ID, Active Directory)
- Eligibility for a DoD security clearance required
Preferred Qualifications:
- Experience with highly regulated frameworks such as NIST SP 800-171, NIST SP 800-53, ISO 27001, or FedRAMP
- Familiarity with cloud and endpoint observability and EDR tools (i.e., Defender, CrowdStrike, Sentinel, Splunk)
- Demonstrated experience automating compliance and audit processes
- Experience implementing and managing secure cloud architecture and controls using Infrastructure as Code tools (i.e., Terraform, CloudFormation, Ansible)
- Proven ability to design and operate Zero Trust Network Access
- Experience implementing network intrusion detection and response tools
- Demonstrated ability to evaluate SaaS vendor security posture and integrate approved applications securely into the environment
- Background in defense, aerospace, or high-assurance manufacturing
- Relevant security certifications (SC-100, MS-500, MD-102, AWS Certified Security - Specialty, GCSA, GCIA, CISSP, CCSP)
Physical Demands
- Prolonged periods of sitting and computer work
- Occasional standing and walking within the office
- Manual dexterity to operate computers and office equipment
- Visual acuity to read screens and documents
- Occasional reaching or lifting up to 20 pounds (e.g., equipment or supplies)
Benefits:
Medical Insurance: Comprehensive health insurance plans covering a range of services
Saronic pays 100% of the premium for employees and 80% for dependents
Dental and Vision Insurance: Coverage for routine dental check-ups, orthodontics, and vision care
Saronic pays 99% of the premium for employees and 80% for dependents
Time Off: Generous PTO and Holidays
Parental Leave: Paid maternity and paternity leave to support new parents
Competitive Salary: Industry-standard salaries with opportunities for performance-based bonuses
Retirement Plan: 401(k) plan
Stock Options: Equity options to give employees a stake in the company’s success
Life and Disability Insurance: Basic life insurance and short- and long-term disability coverage
Additional Perks: Free lunch benefit and unlimited free drinks and snacks in the office
This role requires access to export-controlled information or items that require “U.S. Person” status. As defined by U.S. law, individuals who are any one of the following are considered to be a “U.S. Person”: (1) U.S. citizens, (2) legal permanent residents (a.k.a. green card holders), and (3) certain protected classes of asylees and refugees, as defined in 8 U.S.C. 1324b(a)(3).
Saronic does not discriminate on the basis of race, sex, color, religion, age, national origin, marital status, disability, veteran status, genetic information, sexual orientation, gender identity or any other reason prohibited by law in provision of employment opportunities and benefits.