Lead Security Software Engineer

Lead Security Engineer

We're a fast-moving team of aviators, engineers, and operators on a mission to transform aviation with an AI platform that makes flying safer, more efficient, and more capable. Backed by top investors and having already secured a dozen Department of Defense contracts and worked with three major airlines, we're flying through barriers and working on a mission that matters.

At Beacon AI, there are no silos or layers of overhead. Small, focused teams own what they build, ship fast, and learn even faster. Every line of code, data pipeline, or system we design pushes the boundaries of how humans and AI work together in the cockpit and beyond. If you thrive at the intersection of hard-tech ambition and mission urgency, you'll build faster here than anywhere else.

Role Overview: We are seeking a highly skilled and motivated Lead Security Engineer to join our team. In this role, you will be responsible for ensuring the security and integrity of our systems and data, with a particular focus on integrations with both commercial and Department of Defense (DoD) customers. You will play a critical role in protecting our advanced flight safety system, safeguarding sensitive information, and ensuring compliance with industry standards and regulations. This is a hands-on role requiring expertise in security engineering, not just program management.

Key Responsibilities:

• Security Architecture: Design and implement robust security architectures for our applications and infrastructure, ensuring they are resilient against threats.
• Data Security: Develop and enforce security policies and procedures to protect data, both at rest and in transit, ensuring confidentiality, integrity, and availability.
• Vulnerability Management: Conduct regular security assessments, vulnerability scanning, and penetration testing to identify and mitigate security risks.
• Compliance: Ensure compliance with relevant security standards and regulations, including those specific to commercial and DoD customers.
• Incident Response: Lead incident response efforts, including the identification, containment, eradication, and recovery from security incidents.
• Secure Development Practices: Work closely with development teams to integrate security best practices into the software development lifecycle (SDLC).
• Monitoring and Logging: Implement and manage security monitoring and logging solutions to detect and respond to security events in real-time.
• Training and Awareness: Conduct security training and awareness programs for employees to promote a security-conscious culture.
• Third-Party Assessments: Evaluate the security posture of third-party vendors and ensure they meet our security requirements.
• Documentation: Develop and maintain comprehensive security documentation, including policies, procedures, and incident reports.
• Broad Security Coverage: Provide broad levels of security coverage, reviewing IP infrastructure, hardware, and ensuring cloud and data protections.
• System Security: Ensure the security of the entire system, including aircraft, office space, hardware, and network configurations.
• Certification Expertise: Be knowledgeable about relevant aviation security certifications and ensure our systems meet those standards.
• Endpoint Security: Ensure endpoints are secure and not susceptible to hacking, leveraging tools like AWS for basic security measures.

What Will Make You Successful:

• Security Expertise: Strong knowledge of security principles, practices, and technologies.
• Experience: 5-9 years of experience in a security engineering role, with a focus on protecting complex systems and data.
• Certifications: Relevant security certifications (e.g., CISSP, CISM, CEH) are highly desirable.
• Technical Skills: Proficiency in security tools and technologies, such as firewalls, IDS/IPS, SIEM, and encryption.
• Compliance Knowledge: Familiarity with security standards and regulations, including NIST, ISO 27001, GDPR, and CMMC.
• Analytical Skills: Strong analytical and problem-solving abilities, with attention to detail.
• Communication: Excellent communication and collaboration skills, with the ability to work effectively across teams.
• Passion for Security: A genuine passion for cybersecurity and staying current with emerging threats and trends.
• Hands-On Approach: Ability to perform hands-on security engineering tasks, not just program management.

Bonus Points:

• Aviation Experience: Experience working within the aviation industry or DoD customers.
• Advanced Technologies: Knowledge of advanced security technologies, such as zero trust architectures and AI-driven security solutions.
• Aviation Security: Passion for aviation and improving the security of air-travel systems.

This is a hybrid role and requires working from our San Carlos, CA office at least three days a week, with the option to work remotely the remaining days.

Perks & Benefits for Full-Time Employees:

• Comprehensive Healthcare Coverage: Enjoy peace of mind with our generous health benefits, with 80% of medical costs covered by the company for the employee and 25% for their dependents.
• Paid Time Off: Recharge and relax with 3 weeks of paid vacation, in addition to 13+ company-paid holidays each year.
• Connectivity Stipend: Stay connected with our cell phone benefit, ensuring you have the tools you need to excel in your role.
• Health and Wellness Allowance: Use this towards a gym membership or subscription to a meditation app, empowering you to prioritize self-care and maintain a healthy lifestyle.
• Financial Planning: Prepare for the future with our 401(k) program. While we currently do not offer matching, we are committed to enhancing this benefit in the future.

For nearly all roles, the following may apply:

At this time, due to United States Department of State regulations, we are only able to hire U.S. Persons. A U.S. Person is a lawful permanent resident (U.S. citizen, legal immigrant with a 'Green Card', or a protected individual who has been granted permanent asylum or refugee status.) These aerospace restrictions mean that we are unable to provide visa sponsorship or consider candidates who require visa transfers. Applicants must be authorized to work in the United States without the need for visa sponsorship now or in the future. All work must be performed in the United States.

Beacon AI provides equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, genetic information, disability, or veteran status. In addition to federal law requirements, employer complies with applicable state and local laws governing nondiscrimination in employment. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training. Employer expressly prohibits any form of workplace harassment based on race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, genetic information, disability, or veteran status. Improper interference with the ability of employees to perform their job duties may result in discipline up to and including discharge.