{"version":"0.1","company":{"name":"YubHub","url":"https://yubhub.co","jobsUrl":"https://yubhub.co/jobs/skill/stigs"},"x-facet":{"type":"skill","slug":"stigs","display":"Stigs","count":2},"x-feed-size-limit":100,"x-feed-sort":"enriched_at desc","x-feed-notice":"This feed contains at most 100 jobs (the most recently enriched). For the full corpus, use the paginated /stats/by-facet endpoint or /search.","x-generator":"yubhub-xml-generator","x-rights":"Free to redistribute with attribution: \"Data by YubHub (https://yubhub.co)\"","x-schema":"Each entry in `jobs` follows https://schema.org/JobPosting. YubHub-native raw fields carry `x-` prefix.","jobs":[{"@context":"https://schema.org","@type":"JobPosting","identifier":{"@type":"PropertyValue","name":"YubHub","value":"job_de168cba-02c"},"title":"Principal Software Engineer, Platform Security","description":"<p>We&#39;re looking for a principal-level engineer to serve as a technical leader for platform security across Anduril. This role combines deep expertise in cryptography, systems security, and secure architecture with the ability to drive security strategy across business lines and the platform.</p>\n<p>As the world enters an era of strategic competition, Anduril is committed to bringing cutting-edge autonomy, AI, computer vision, sensor fusion, and networking technology to the military in months, not years.</p>\n<p>Key Responsibilities:</p>\n<ul>\n<li>Own the technical vision and architecture for platform security across Anduril&#39;s product ecosystem</li>\n<li>Design cryptographic systems, protocols, and key management architectures for autonomous and robotic platforms operating in contested and disconnected environments</li>\n<li>Lead the design of hardware root-of-trust architectures integrating TPMs, TEEs, HSMs, and secure boot across diverse embedded platforms</li>\n<li>Drive the strategy for promoting business-line security implementations into shared, composable platform services</li>\n<li>Serve as the senior technical authority for security architecture reviews across the organization, providing definitive guidance on cryptographic design, protocol security, and system hardening</li>\n<li>Define security patterns, reference architectures, and engineering standards that enable teams across Anduril to build securely and independently</li>\n<li>Mentor and develop senior engineers on the team, raising the bar for security engineering across the organization</li>\n<li>Represent Anduril&#39;s security engineering capabilities to customers, partners, and auditors when deep technical credibility is required</li>\n<li>Evaluate emerging threats, cryptographic standards, and security technologies, driving adoption where they strengthen the platform</li>\n</ul>\n<p>Required Qualifications:</p>\n<ul>\n<li>12+ years of experience in software engineering, with significant depth in systems security and cryptography</li>\n<li>Expert-level knowledge of cryptographic protocol design, including key management architectures, certificate systems, and cryptographic agility</li>\n<li>Deep experience with hardware security: TPM, TEE, HSM, secure boot, and hardware root-of-trust design across multiple platform types</li>\n<li>Proficient in two or more of: C++, Rust, Go</li>\n<li>Experience designing security architectures for embedded, real-time, or robotic systems with constrained environments</li>\n<li>Track record of leading cross-organizational technical initiatives and driving architectural decisions that span multiple teams</li>\n<li>Strong ability to communicate complex security concepts to engineering leadership, product teams, and external stakeholders</li>\n<li>Experience performing and leading threat modeling, security architecture reviews, and cryptographic design reviews</li>\n<li>Eligible to obtain and maintain active U.S. Secret security clearance</li>\n</ul>\n<p>Preferred Qualifications:</p>\n<ul>\n<li>Experience with post-quantum cryptography, distributed key generation (DKG), or threshold cryptographic schemes</li>\n<li>Background in defense, aerospace, or autonomous systems with exposure to FIPS 140, Common Criteria, or NSA CSfC requirements</li>\n<li>Experience designing secure communication protocols for autonomous platforms or mesh networks</li>\n<li>Deep knowledge of Linux kernel security, mandatory access controls (SELinux/AppArmor), and OS hardening at scale</li>\n<li>Experience building and evolving platform security services consumed by dozens of teams</li>\n<li>Familiarity with compliance frameworks (STIGs, NIST 800-53, CMMC) and translating them into engineering controls that don&#39;t compromise developer velocity</li>\n<li>Publications, patents, or recognized contributions in cryptography or systems security</li>\n<li>Experience with Nix build systems and reproducible build pipelines for security-critical software</li>\n</ul>\n<p>US Salary Range: $254,000-$336,000 USD</p>\n<p style=\"margin-top:24px;font-size:13px;color:#666;\">XML job scraping automation by <a href=\"https://yubhub.co\">YubHub</a></p>","url":"https://yubhub.co/jobs/job_de168cba-02c","directApply":true,"hiringOrganization":{"@type":"Organization","name":"Anduril Industries","sameAs":"https://www.andurilindustries.com/","logo":"https://logos.yubhub.co/andurilindustries.com.png"},"x-apply-url":"https://job-boards.greenhouse.io/andurilindustries/jobs/5087992007","x-work-arrangement":"onsite","x-experience-level":"senior","x-job-type":"full-time","x-salary-range":"$254,000-$336,000 USD","x-skills-required":["cryptography","systems security","secure architecture","cryptographic protocol design","key management architectures","certificate systems","cryptographic agility","hardware security","TPM","TEE","HSM","secure boot","hardware root-of-trust design","embedded systems","real-time systems","robotic systems","constrained environments","cross-organizational technical initiatives","architectural decisions","complex security concepts","threat modeling","security architecture reviews","cryptographic design reviews","U.S. Secret security clearance"],"x-skills-preferred":["post-quantum cryptography","distributed key generation","threshold cryptographic schemes","defense","aerospace","autonomous systems","FIPS 140","Common Criteria","NSA CSfC requirements","secure communication protocols","mesh networks","Linux kernel security","mandatory access controls","OS hardening","compliance frameworks","STIGs","NIST 800-53","CMMC","publications","patents","recognized contributions","Nix build systems","reproducible build pipelines"],"datePosted":"2026-04-18T15:49:36.448Z","jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"Boston, Massachusetts, United States; Costa Mesa, California, United States; Seattle, Washington, United States; Washington, District of Columbia, United States"}},"employmentType":"FULL_TIME","occupationalCategory":"Engineering","industry":"Technology","skills":"cryptography, systems security, secure architecture, cryptographic protocol design, key management architectures, certificate systems, cryptographic agility, hardware security, TPM, TEE, HSM, secure boot, hardware root-of-trust design, embedded systems, real-time systems, robotic systems, constrained environments, cross-organizational technical initiatives, architectural decisions, complex security concepts, threat modeling, security architecture reviews, cryptographic design reviews, U.S. Secret security clearance, post-quantum cryptography, distributed key generation, threshold cryptographic schemes, defense, aerospace, autonomous systems, FIPS 140, Common Criteria, NSA CSfC requirements, secure communication protocols, mesh networks, Linux kernel security, mandatory access controls, OS hardening, compliance frameworks, STIGs, NIST 800-53, CMMC, publications, patents, recognized contributions, Nix build systems, reproducible build pipelines","baseSalary":{"@type":"MonetaryAmount","currency":"USD","value":{"@type":"QuantitativeValue","minValue":254000,"maxValue":336000,"unitText":"YEAR"}}},{"@context":"https://schema.org","@type":"JobPosting","identifier":{"@type":"PropertyValue","name":"YubHub","value":"job_0710447f-f19"},"title":"Information Systems Security Officer","description":"<p>We are seeking an experienced Information Systems Security Officer to join our team. greatness in the field of Information Systems Security Officer.</p>\n<p>As an Information Systems Security Officer, you will play a critical role in shaping classified, closed, or air-gapped environments in which to deploy Anduril products or software. You will be well-versed in a combination of Information Technology, Security, and government accreditation processes, and will utilize your sharp critical thinking skills to balance Business Line needs, product velocity, and customer requirements.</p>\n<p>Responsibilities:</p>\n<ul>\n<li>Provide expertise in documenting security controls that apply to respective systems to meet cybersecurity framework requirements.</li>\n<li>Perform required security functions on an iterative basis to meet requirements and deliver results.</li>\n<li>Apply technology standards from the commercial space in classified, air-gapped environments.</li>\n<li>Assist the ISSM, fellow ISSOs, and other members of the Classified Infrastructure team to understand key stakeholders&#39; needs and provide complex technical solutions to meet contractual obligations.</li>\n<li>Tailor NIST 800-53 controls to determine applicability to the network environment and oversee the implementation of Continuous Monitoring for respective programs.</li>\n<li>Define, document, and conduct security scanning on Anduril&#39;s products and accredited information systems.</li>\n<li>Scope, shape, and orchestrate the development of features to ensure products meet compliance goals.</li>\n</ul>\n<p>Requirements:</p>\n<ul>\n<li>Design, develop, and implement secure systems and networks per NIST RMF, JSIG, and other industry standards.</li>\n<li>Participate and assist in security risk assessments, vulnerability assessments, and audits to identify and mitigate threats.</li>\n<li>Speak to and recommend security solutions, such as IDS/IPS, encryption protocols, and secure communications technologies.</li>\n<li>Develop and enforce access controls, encryption strategies, and other technical measures to safeguard systems.</li>\n<li>Maintain and update System Security Plans (SSPs), POA&amp;Ms, and other accreditation documentation.</li>\n<li>Manage the organization&#39;s security posture, ensuring compliance with internal policies and external regulatory frameworks.</li>\n<li>Participate in the Authorization and Accreditation (A&amp;A) processes to obtain/maintain system Authority to Operate (ATO).</li>\n<li>Able to assist, even lead, incident response efforts, including investigation, root cause analysis, containment, and reporting.</li>\n<li>Conduct regular audits, continuous monitoring, and risk assessments to ensure ongoing compliance and system resilience.</li>\n<li>Collaborate with government security officials, stakeholders, and teams to address security gaps and improve controls.</li>\n<li>Currently possesses and is able to maintain an active U.S. Top Secret security clearance.</li>\n</ul>\n<p>Preferred Qualifications:</p>\n<ul>\n<li>Experience with industry standard tools such as Splunk, DISA STIGs, and SCC.</li>\n<li>The ability to understand programming/scripting languages, i.e. Python, Powershell, Bash</li>\n<li>An understanding of Linux Red Hat operating systems and SELinux policy.</li>\n</ul>\n<p style=\"margin-top:24px;font-size:13px;color:#666;\">XML job scraping automation by <a href=\"https://yubhub.co\">YubHub</a></p>","url":"https://yubhub.co/jobs/job_0710447f-f19","directApply":true,"hiringOrganization":{"@type":"Organization","name":"Anduril","sameAs":"https://www.anduril.com/","logo":"https://logos.yubhub.co/anduril.com.png"},"x-apply-url":"https://job-boards.greenhouse.io/andurilindustries/jobs/4993772007","x-work-arrangement":"onsite","x-experience-level":"senior","x-job-type":"full-time","x-salary-range":"$113,000-$149,000 USD","x-skills-required":["NIST RMF","JSIG","IDS/IPS","Encryption protocols","Secure communications technologies","Access controls","Encryption strategies","System Security Plans","POA&Ms","Authorization and Accreditation","Incident response","Continuous monitoring","Risk assessments"],"x-skills-preferred":["Splunk","DISA STIGs","SCC","Python","Powershell","Bash","Linux Red Hat operating systems","SELinux policy"],"datePosted":"2026-04-18T15:44:58.014Z","jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"Costa Mesa, California, United States"}},"employmentType":"FULL_TIME","occupationalCategory":"Engineering","industry":"Technology","skills":"NIST RMF, JSIG, IDS/IPS, Encryption protocols, Secure communications technologies, Access controls, Encryption strategies, System Security Plans, POA&Ms, Authorization and Accreditation, Incident response, Continuous monitoring, Risk assessments, Splunk, DISA STIGs, SCC, Python, Powershell, Bash, Linux Red Hat operating systems, SELinux policy","baseSalary":{"@type":"MonetaryAmount","currency":"USD","value":{"@type":"QuantitativeValue","minValue":113000,"maxValue":149000,"unitText":"YEAR"}}}]}