Cybersecurity Engineer

Cybersecurity Engineer

Hermeus is a high-speed aircraft manufacturer focused on the rapid design, build, and test of high-Mach and hypersonic aircraft for the national interest. Working directly with the Department of Defense, Hermeus delivers capabilities that will ensure that our nation, and our allies, maintain an asymmetric advantage over any and all potential adversaries.

We are seeking a highly skilled and experienced Cybersecurity Engineer to join our team. The ideal candidate will have a strong background working within a defense contractor environment, bringing specialized knowledge of security best practices, regulatory compliance (e.g., CMMC, NIST 800-171), and robust system hardening. This role is critical in protecting our sensitive and classified information systems. A deep understanding of Microsoft security ecosystem, including Microsoft Entra ID (formerly Azure AD) and Microsoft Purview, is essential. The engineer will play a key role in our vulnerability management program, encompassing detection, analysis, and remediation, and will be central to performing in-depth risk analysis across our IT infrastructure.

Responsibilities:

Technical Implementation & Management

• Design, implement, and manage security controls and configurations within the Microsoft ecosystem, with a focus on Entra ID and Purview.
• Manage identity and access governance (IAG) using Entra ID, including conditional access policies, privileged identity management (PIM), and multi-factor authentication (MFA).
• Utilize Microsoft Purview for data governance, data loss prevention (DLP), eDiscovery, and compliance management to meet defense contractor requirements.
• Configure and maintain security solutions across cloud (Azure/Microsoft 365) and on-premises environments.

Vulnerability & Risk Management

• Lead the organization's vulnerability detection and remediation efforts, utilizing industry-standard tools to identify, prioritize, and track security flaws.
• Conduct comprehensive risk analysis and assessments (RAAs) on new and existing systems, providing actionable recommendations to mitigate identified threats.
• Develop and implement patching and configuration management strategies to reduce the attack surface.
• Respond to and investigate security incidents, performing root cause analysis and implementing preventative measures.

Compliance & Defense Sector Expertise

• Ensure all security measures and procedures comply with mandatory defense industry regulations and frameworks (e.g., NIST SP 800-171, CMMC).
• Participate in internal and external audits related to security compliance.
• Develop and maintain security documentation, including System Security Plans (SSPs), Plan of Action and Milestones (POA&Ms), and standard operating procedures (SOPs).

Minimum Requirements:

• Bachelor's degree in Computer Science, Information Technology, Cyber Security, or a related field (or equivalent work experience).
• Minimum of 5 years of experience in a dedicated Cyber Security or Information Assurance role.

• Proven experience working directly for or extensively with a U.S. defense contractor, including familiarity with controlled unclassified information (CUI) handling and protection.
• Demonstrable expertise in Microsoft Entra ID (formerly Azure AD) administration, including tenant configuration, governance, and security feature deployment.
• Hands-on experience with Microsoft Purview, particularly in managing data governance, compliance, and DLP policies.
• Specialized experience in vulnerability management lifecycle (scanning, analysis, prioritization, remediation tracking) and using associated tools.
• Strong background in security risk analysis, threat modeling, and formulating mitigation strategies.

Preferred Skills & Experience:

• Excellent written and verbal communication skills, with the ability to articulate complex security risks to both technical and non-technical stakeholders.
• Proficiency with scripting languages (e.g., PowerShell, Python) for automation of security tasks.
• Familiarity with Security Information and Event Management (SIEM) platforms.
• Relevant security certifications such as: GIAC, CASP+, CEH, or Microsoft certifications (e.g., SC-300, SC-400, AZ-500) are highly desirable.

The salary information provided is a general guideline only. Hermeus takes various factors into account, including, but not limited to, the position's scope and responsibilities, the candidate's professional background, education and training, essential skills, and market and business considerations, when presenting a job offer.  Compensation is only one part of our total rewards package. Hermeus offers competitive salary and equity, unlimited PTO policy, generous parental leave, potential for year-end bonuses, and more! 

• 100% employer-paid health care
• 401k & retirement plans
• Unlimited PTO
• Weekly paid office lunches
• Fully stocked breakrooms
• Stock options
• Paid Parental Leave

U.S. EXPORT CONTROL COMPLIANCE STATUS

The person hired will have access to information and items subject to U.S. export controls, and therefore, must either be a “U.S. person” as defined by 22 C.F.R. § 120.62 or otherwise eligible for deemed export licensing. US persons include U.S. citizens, U.S. nationals, lawful permanent residents (green card holders), and asylees and refugees with such status granted, not pending.

EQUAL OPPORTUNITY

Hermeus is an Equal Opportunity Employer. Employment decisions at Hermeus are based solely on merit, competence, and qualifications, without regard to race, color, religion, gender, national origin/ethnicity, veteran status, disability status, age, sexual orientation, gender identity, marital status, mental or physical disability, or any other legally protected status.