Cybersecurity Engineer

About Castelion

Castelion is bringing a new approach to defense development and production: one that focuses on short, iterative design cycles, rapid testing in development, and modern commercial manufacturing strategies for production at scale. We're designing, building, and testing next generation long range strike weapons systems to give America and its Allies a definitive edge and deter future conflicts.

Cybersecurity Engineer

We're hiring a Cybersecurity Engineer with experience securing systems in regulated, compliance-heavy environments. If you're well-versed in frameworks like NIST SP 800-171, CMMC, or ISO 27001, and you know how to turn complex regulatory requirements into practical, enforceable security controls, you'll feel right at home here.

Based in our Torrance, CA HQ, you'll lead efforts to build, maintain, and continuously improve our security and compliance posture across both local and remote sites. You'll collaborate with cross-functional teams including IT, software development, operations, engineering, manufacturing, and legal to ensure our security controls meet both technical and regulatory standards.

This is a hands-on role where you'll be helping to implement the solutions and fixes that you find are needed.

If you love solving hard problems under strict rules, thrive in high-stakes environments, and believe security should be a business enabler not a blocker, this role is for you.

Responsibilities

• Design, implement, and maintain cybersecurity tools and systems, including firewalls, EDR, IDS/IPS, SIEM, and vulnerability scanners.
• Proactively monitor security events, investigate suspicious activity, and respond to incidents with urgency and precision.
• Develop and maintain System Security Plans (SSPs), POA&Ms, and supporting documentation for audits and assessments.
• Partner with IT and engineering teams to integrate security into infrastructure and application design (DevSecOps).
• Manage security patching cycles and lead remediation efforts based on risk assessments.
• Support audit, compliance, and risk management activities (e.g., NIST, CMMC, & others) and manage supply chain cybersecurity concerns.
• Conduct regular internal audits and readiness checks in preparation for external audits or DoD reviews.
• Serve as on-site cybersecurity expert for Torrance HQ and occasionally travel (510%) to other locations (e.g., Allen, TX).
• Mentor IT, security staff, and all employees to help foster a security-first mindset across the company.

Basic Requirements

• 4-6+ years of hands-on experience in cybersecurity engineering, infrastructure security, or related fields.
• Strong technical background in network security, endpoint protection, access control, and vulnerability management.
• Proficiency with modern security tools (e.g., CrowdStrike, Palo Alto, Nessus, Splunk, Snort, etc.).
• Experience with incident response, malware analysis, or penetration testing.
• Demonstrated experience with cloud security (AWS, Azure, or GCP).
• Deep understanding of security principles, threats, and frameworks (e.g., cyber kill chain, MITRE ATT&CK, NIST, CIS Controls).
• Strong documentation, troubleshooting, and communication skills.
• Ability to thrive in fast-paced, high-pressure environments with competing priorities.
• Ability to pivot between analyst, threat hunter, and implementer roles with ease.
• Eligibility for U.S. security clearance.

Preferred Skills and Experience

• Experience in regulated environments (DoD, aerospace, SCIFs).
• Active Security+, CISSP, CEH, or similar certification(s).
• Relevant experience with NIST 800-171, CMMC, DFARS, and/or IT in relation to cybersecurity audit readiness.
• Experience with incident response, malware analysis, or penetration testing is a plus.

All employees are granted long-term stock incentives as part of their employment as Castelion. All employees receive access to comprehensive medial, vision, and dental insurance, and the company offers three weeks of paid time off per year.

Leadership Qualities

Bias to Action and Creative Problem Solving. Desire and experience questioning assumptions in ways that lead to break through ideas that are ultimately implemented. Successfully bring in applicable processes/concepts/materials from other industries to achieve efficiency gains. The ability to personally resolve minor issues in development without requiring significant support.

High Commitment, High Initiative. A successful candidate will have a genuine passion for Castelion's mission and consistently look for ways to contribute to the company's technical goals and prevent hardware blockers. Ability to work in a fast paced, autonomously driven, and demanding atmosphere. Strong sense of accountability and integrity.

Clear Communicator. Proactively communicates blockers. Trusted in previous roles to be voice of company with regulators, suppliers, gate keepers and customers. Capable of tactfully managing relationships with stakeholders to achieve company-desired outcomes without compromising relationships. Emails, IMs and verbal interactions are logical, drive clarity, and detailed enough to eliminate ambiguity.

ITAR Requirements:

To conform to U.S. Government export regulations, applicant must be a (i) U.S. citizen or national, (ii) U.S. lawful, permanent resident (aka green card holder), (iii) Refugee under 8 U.S.C. § 1157, or (iv) Asylee under 8 U.S.C. § 1158, or be eligible to obtain the required authorizations from the U.S. Department of State.

Employment with Castelion is governed on the basis of competence and qualifications and will not be influenced in any manner by race, color, religion, gender, national origin/ethnicity, veteran status, disability status, age, sexual orientation, gender identity, marital status, mental or physical disability or any other legally protected status.