Platform Security Engineer

Job Description

Job Description

Saronic Technologies is a leader in revolutionizing defense autonomy at sea, dedicated to developing state-of-the-art solutions that enhance maritime operations for the Department of Defense (DoD) through autonomous and intelligent platforms.

Saronic Technologies is a leader in defense autonomy at sea. We’re seeking a Platform Security Engineer to secure the cloud / edge where vessels, operators, and customers meet. You’ll own identity and access patterns, secrets and key management, secure network posture, and policy-as-code guardrails—working across AWS (including GovCloud), Terraform infrastructure, and service code to deliver trustworthy, auditable systems.

Senior Engineers : 3+ years securing production cloud platforms (identity, secrets / KMS, network posture), preferably in autonomy, robotics, aerospace, or defense.

Staff Engineers : 8+ years including technical leadership across secure-by-default platform modules, short-lived credential issuance, and cross-account policy design; demonstrated ownership from design through operational rollout.

Key Responsibilities

• Design, develop, and maintain secure-by-default infrastructure on
• AWS using Terraform (ALB / OIDC, IAM, KMS, Secrets Manager, Route53, VPC / SGs).
• Standardize OIDC at the edge (ALB / ingress) for internal and external applications; define scopes, claims, and token lifecycles.
• Own secrets and key management : KMS key policies, rotation schedules, cross-account access, and automated issuance for services and tools.
• Enforce IMDSv2 required, least-privilege IAM roles, and tight security groups across modules; add CI / policy checks to prevent regressions.
• Design secure protocols / APIs for service↔service and boat↔cloud communication (mTLS / TLS, certificate issuance / rotation, revocation).
• Manage short-lived credentials used by fleet / overlay services; implement rotation, auditing, and incident response runbooks.
• Prefer service-mediated S3 access over broad pre-signed URLs; codify bucket policies, logging, and access boundaries.
• Build centralized, tamper-evident logging and audit trails; integrate detections and metrics to validate control effectiveness.
• Perform threat modeling and security reviews; document patterns and drive adoption via reusable modules and guides.
• Troubleshoot complex security issues in production; lead post-incident reviews and drive remediation to closure.
• Stay current on cloud security best practices, especially for defense / government environments.

Required Qualifications :

Preferred Qualifications :

Benefits :

Medical Insurance :   Comprehensive health insurance plans covering a range of services

Saronic pays 100% of the premium for employees and 80% for dependents

Dental and Vision Insurance :   Coverage for routine dental check-ups, orthodontics, and vision care

Saronic pays 100% of the premium under the basic plan for employees and 80% for dependents

Time Off :   Generous PTO and Holidays

Parental Leave :   Paid maternity and paternity leave to support new parents

Competitive Salary :   Industry-standard salaries with opportunities for performance-based bonuses

Retirement Plan :  401(k) plan

Stock Options :  Equity options to give employees a stake in the company’s success

Life and Disability Insurance :  Basic life insurance and short- and long-term disability coverage

Pet Insurance :  Discounted pet insurance options including 24 / 7 Telehealth helpline

Additional Perks :  Free lunch benefit and unlimited free drinks and snacks in the office

This role requires access to export-controlled information or items that require “U.S. Person” status. As defined by U.S. law, individuals who are any one of the following are considered to be a “U.S. Person” : (1) U.S. citizens, (2) legal permanent residents (a.k.a. green card holders), and (3) certain protected classes of asylees and refugees, as defined in  8 U.S.C. 1324b(a)(3) .

Saronic does not discriminate on the basis of race, sex, color, religion, age, national origin, marital status, disability, veteran status, genetic information, sexual orientation, gender identity or any other reason prohibited by law in provision of employment opportunities and benefits.