Principal Systems Engineer, Cyber (R3683)

Founded in 2015, Shield AI is a venture-backed defense technology company with the mission of protecting service members and civilians with intelligent systems. Its products include the V-BAT aircraft, Hivemind Enterprise, and the Hivemind Vision product lines. With offices in San Diego, Dallas, Washington, D.C., Boston, Abu Dhabi (UAE), Kyiv (Ukraine), and Melbourne (Australia), Shield AI’s technology actively supports U.S. and allied operations worldwide. For more information, visit www.shield.ai. Follow Shield AI on LinkedIn,X, YouTubeand Instagram.     
Job Description:Shield AI is seeking a Cybersecurity Architect to lead the design and implementation of secure-by-design architectures across our autonomy software stack, developer tools, mission systems, and cloud-deployed infrastructure. You will work cross-functionally with engineering, product, infrastructure, and compliance teams to ensure that our autonomy platforms are robust against cyber threats, meet evolving security and assurance requirements, and are prepared for field deployment in adversarial environments.
This is a highly technical, hands-on leadership role focused on embedding security principles into software development lifecycles, designing resilient system architectures, and guiding the secure evolution of the Hivemind autonomy ecosystem and related platforms.

Key Responsibilities:

• Define and evolve the security architecture across embedded, edge, and cloud components of Shield AI’s autonomy stack
• Drive adoption of secure software development practices, including threat modeling, secure code review standards, and automated static/dynamic analysis tooling
• Lead the design of cryptographic protocols, identity and access management systems, secure communication layers, and key management infrastructure
• Conduct architecture risk assessments and influence design decisions to minimize attack surfaces and improve defense-in-depth
• Collaborate with infrastructure, autonomy, and mission software teams to define policies for software update security, telemetry handling, and secure provisioning
• Partner with compliance and certification teams to align systems with NIST, FedRAMP, and/or DoD cybersecurity frameworks
• Serve as a technical point of contact for external security assessments, penetration testing, and red team exercises

Key Outcomes:

• System-wide Security Architecture: well-defined, modular security architecture adopted across autonomy, developer tools, and fielded systems
• Integrated Secure SDLC Practices: security design and validation embedded into the software development lifecycle and CI/CD pipelines
• Resilient Identity & Access Control: robust IAM, authentication, and secure communication protocols implemented across cloud, edge, and vehicle systems
• Attack Surface Reduction: system-level threat models maintained; critical vulnerabilities proactively mitigated
• Deployment Readiness: platforms hardened for operational use in contested and adversarial environments; Hivemind software products deployed into secure environments (e.g. FedRAMP, IL3/IL5/etc)
• Cross-Team Security Alignment: security requirements clearly communicated and tracked across product and engineering teams

Required qualifications:

• 10+ years in cybersecurity engineering or architecture
• Strong knowledge of modern cryptography, secure systems design, and authentication protocols
• Experience designing secure architectures for distributed, embedded, or autonomy-related systems
• Familiarity with CI/CD pipelines, static analysis, container security, and SBOM practices
• Proven ability to lead security initiatives across software and infrastructure teams
• Experience with risk assessment methodologies and adversarial modeling

Preferred qualifications:

• Strong programming and review skills in C++, Python, Go, and Typescript
• Experience in defense, aerospace, or critical infrastructure environments
• Knowledge of security certification processes (e.g., RMF, FedRAMP, NIST 800-53, DoD STIGs)
• Familiarity with secure boot, TPMs, hardware root of trust, and embedded device hardening
• Hands-on experience with secure telemetry, remote attestation, and anti-tamper design
• Background in red teaming, incident response, or forensic readiness
• Active security certifications such as CISSP, GSE, OSCP, or equivalent

#LI-LD1#LF
Full-time regular employee offer package: Pay within range listed + Bonus + Benefits + Equity
Temporary employee offer package: Pay within range listed above + temporary benefits package (applicable after 60 days of employment)
Salary compensation is influenced by a wide array of factors including but not limited to skill set, level of experience, licenses and certifications, and specific work location. All offers are contingent on a cleared background and possible reference check. Military fellows and part-time employees are not eligible for benefits. Please speak to your talent acquisition representative for more information.
###
Shield AI is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, marital status, disability, gender identity or Veteran status. If you have a disability or special need that requires accommodation, please let us know.