InfoSec Engineer

Hadrian — Manufacturing the Future
Hadrian is building autonomous factories that help aerospace and defense companies make rockets, jets, and satellites 10x faster and 2x cheaper. Our CEO, Chris Power, discusses the importance of what we're building in this video.
We are a lean but mighty team (and growing!) people that are passionate about building critical infrastructure to support the nation and the advancement of humanity.
To support our ambitious vision, we have raised > $200M from Lux Capital, A16Z, Founders Fund, Construct Capital, Caffeinated Capital, and more.

Every part of our company relies on robust security and effective systems – from day-to-day factory operations to supply chain integrations, resource scheduling, hardware data security, and compliance with industry standards. In this role, you will be a critical member of our security organization, responsible for designing, deploying, and maintaining secure systems, networks, and platforms to protect critical infrastructure and ensure compliance. You will be challenged to think strategically and solve complex security and compliance challenges. You will work cross-functionally with IT specialists, software engineers, and production teams to develop innovative solutions that safeguard our operations and drive toward secure, fully automated factories.

In this role you will:

• Configure, monitor and manage Security Logging Infrastructure.
• Administer and manage IAM systems, including Active Directory, Azure AD, and Okta, ensuring proper implementation of SSO, MFA, and RBAC.
• Deploy and manage endpoint protection systems (e.g., EDR/XDR), ensuring secure configuration across factory endpoints, remote devices, and cloud environments.
• Conduct vulnerability assessments, implement patch management processes, and monitor for threats using SIEM and vulnerability management tools (e.g., Splunk, Nessus).
• Configure, monitor, and maintain PKI infrastructure and certificate management systems (e.g., NDES/SCEP).
• Lead security analysis, identifying and mitigating risks in network, software, and SaaS configurations.
• Maintain and enforce compliance requirements for NIST 800-171, CMMC, and ITAR, including completing SSPs and POAMs.
• Collaborate with IT and DevOps teams to integrate security controls into CI/CD pipelines and Kubernetes environments.
• Document security processes, configurations, and incident response procedures, maintaining an up-to-date inventory of security systems.
• Provide Tier 3 support for security-related issues, working with vendors to resolve complex security incidents.
• Analyze system performance, identify vulnerabilities, and develop solutions to improve resilience and mitigate threats.
• Deploy and maintain secure SaaS configurations, ensuring adherence to security best practices and compliance standards.
• Educate and train employees on secure practices, policies, and advanced security tools.
• Design, deploy, and maintain network security policies across on-premises and cloud environments (e.g., firewalls, VPCs, NAC, and VPN configurations).

Admired skills / background:

• Expertise in Zero Trust Architecture design and implementation.
• Advanced knowledge of container security for Kubernetes (e.g., Kyverno, OPA, Sysdig Secure).
• Experience building automated threat detection and response workflows with SOAR tools.
• Strong understanding of cloud-native security principles in AWS and Kubernetes.
• Proficiency with advanced forensics tools (e.g., Velociraptor, Autopsy, Volatility).
• Deep familiarity with hardware security for embedded systems and IoT devices.
• Experience conducting penetration testing and red team exercises.
• Strong grasp of secure coding practices and application security fundamentals.
• Proven ability to architect scalable, automated compliance monitoring systems.
• Strong mentorship capabilities to train and develop security skills across teams.

You might be a good fit if...

• Experience managing logging infrastructure.
• Proficient in Detection Engineering.
• Proficient in managing IAM systems such as Active Directory, Azure AD, and Okta, including SSO, MFA, and RBAC.
• Experienced with endpoint protection tools like CrowdStrike, SentinelOne, or Microsoft Defender for Endpoint.
• Familiarity with SIEM platforms (e.g., Splunk, Datadog, Microsoft Sentinel) and vulnerability management tools (e.g., Nessus, Qualys).
• Have knowledge of network security technologies: IDS/IPS, NAC, and secure network segmentation.
• Experienced with compliance frameworks such as NIST 800-171, CMMC, and ITAR, including SSP and POAM development.
• Proficient in secrets management and certificate infrastructure (e.g., HashiCorp Vault, NDES, PKI).
• Familiar with DevSecOps practices, including integrating security controls into CI/CD pipelines and Kubernetes environments.
• Experienced with infrastructure automation using tools like Terraform, Ansible, and GitOps workflows.
• Familiar with SaaS security best practices and tools, ensuring proper hardening and secure integration.
• Capable of documenting security architectures, incident response plans, and system configurations for team knowledge sharing.
• Effective at analyzing complex security issues and proposing scalable, resilient solutions.
• Passionate about securing systems that drive real-world outcomes in fast-paced, high-stakes environments.
• A highly effective communicator who can convey technical security information to both technical and non-technical stakeholders.
• Experienced with firewall administration (PANOS, JUNOS) and VPN configuration in cloud and on-prem environments.
• Able to work from our Los Angeles Factory (Torrance).

Compensation and Benefits
For this role, the target salary range is $120,000 - $165,000 (actual range may vary based on experience). 
This is the lowest to highest salary we reasonably and in good faith believe we would pay for this role at the time of this posting. We may ultimately pay more or less than the posted range, and the range may be modified in the future. An employee’s pay position within the salary range will be based on several factors including, but not limited to, relevant education, qualifications, certifications, experience, skills, geographic location, performance, and business or organizational needs.
In addition to salary and equity, we offer:• 100% coverage of platinum medical, dental, vision, and life insurance plans for employees• 401k• Relocation stipend if you’re moving from outside of LA• Flexible vacation policy 
It is the policy of Hadrian Automation, Inc. to provide equal employment opportunities without regard to race, color, religion, sex, national origin, age, disability, marital status, veteran status, sexual orientation, genetic information or any other protected characteristic under applicable law.
ITAR Requirements
To conform to U.S. Government space technology export regulations, including the International Traffic in Arms Regulations (ITAR) you must be a U.S. citizen, lawful permanent resident of the U.S., protected individual as defined by 8 U.S.C. 1324b(a)(3), or eligible to obtain the required authorizations from the U.S. Department of State. Learn more about the ITAR here.