Security Engineer - Trusted Systems
We are seeking a Cleared Principal Security Engineer – Trusted Systems to lead and execute the security functions for high-assurance systems supporting mission-critical environments. This role sits at the intersection of security engineering, cryptographic systems, and compliance, ensuring that trusted platforms meet the highest standards for security and integrity.
The ideal candidate understands how to navigate RMF and compliance frameworks while also being hands-on: analyzing source code, implementing security tooling, and working directly with software and systems engineers to secure complex mission-critical systems. This is a role for someone who wants to own security end-to-end, from architecture and controls to implementation and verification.
Company Description
TrustThink is a cybersecurity engineering firm focused on the design and evaluation of trusted systems. We work on complex, connected systems of systems that must operate securely across multiple platforms, organizations, and operational environments. Our projects span areas such as connected and automated vehicles, uncrewed systems, medical devices, and cryptographic infrastructure. The team regularly contributes to technical standards, security architecture, and system evaluations that help organizations deploy resilient technologies in safety-critical environments.
Role Description
This is a full-time on-site role for a Principal Security Engineer - Trusted Systems, located in San Diego, CA. Duties include:
Security Engineering
· Lead security engineering activities for trusted and high-assurance systems
· Evaluate system architectures and identify potential security risks and attack surfaces
· Perform source code analysis and secure code reviews
· Implement and validate security controls across software, infrastructure, and system components
· Integrate security tooling, vulnerability scanning, and automated analysis into development pipelines
· Conduct vulnerability analysis and support engineering teams in remediation and secure design improvements
Security Architecture and Requirements
· Maintain Security Engineering Requirements Documents (SERD) to define system security requirements
· Translate security policies, threats, and compliance obligations into actionable engineering requirements
· Develop and maintain Security Requirements Traceability Matrices (SRTM) linking requirements to system implementation and verification
· Support security architecture reviews and ensure security considerations are integrated throughout the system lifecycle
Security Compliance and Accreditation
· Lead system security compliance activities aligned with the Risk Management Framework (RMF)
· Develop and maintain accreditation artifacts including System Security Plans (SSP), security control implementations, and POA&Ms
· Implement and assess NIST 800-53 security controls within operational systems
· Coordinate with ISSOs, ISSMs, and Authorizing Officials during assessment and authorization activities
· Support continuous monitoring, security assessments, and audit readiness
Collaboration
· Partner with engineering teams to embed secure development practices and security-by-design principles
· Translate compliance and security requirements into practical engineering solutions
· Provide technical security guidance throughout the system development lifecycle (SDLC)
Required Qualifications
· Active Secret security clearance (required)
· Bachelor’s degree in Computer Science, Cybersecurity, Computer Engineering, or a related technical field, or equivalent practical experience
· 5+ years of cybersecurity or security engineering experience supporting complex software or system environments
· Experience implementing and assessing NIST SP 800-53 security controls
· Experience supporting systems operating under the Risk Management Framework (RMF)
· Ability to perform source code reviews, vulnerability analysis, and security assessments
· Experience working closely with software and systems engineering teams to integrate security into system design and development
· Strong understanding of secure system architecture, threat analysis, and security control implementation
Preferred Qualifications
· Experience engineering systems to meet Security Engineering Requirements Documents (SERD) requirements
· Familiarity with high-assurance systems and cryptographic systems
· Experience integrating security tooling, vulnerability scanning, or automated security testing into development pipelines
· Familiarity with government or defense system security environments