Cyber Security Engineer

Who We AreNeros is a defense technology company rebuilding America’s drone industrial base. We design and manufacture high-performance unmanned systems that are tested in combat, iterated at startup speed, and built at massive scale. Our team culture is fast, hands-on, and obsessed with closing the gap between design and deployment.As drones transform the character of warfare, Neros is delivering the systems the West needs to compete on the modern battlefield and deter the adversaries of democracy. We’re hiring engineers, operators, and builders who want to move fast, take on extreme ownership, and get capability into the hands of warfighters in months, not years.What You Will Be DoingJoin Neros as a Senior Cybersecurity Engineer and take ownership of the security program that protects our defense technology platforms. You'll build and mature our cybersecurity capabilities from the ground up — architecting detection and response systems, engineering security controls across cloud and endpoint environments, and ensuring compliance with NIST, ISO, and CIS frameworks. This is a high-impact, hands-on role at a fast-moving defense tech startup for a security professional who thrives as both architect and operator.ResponsibilitiesBuild and operationalize the enterprise cybersecurity program, owning security architecture, detection and response, governance, and automationEngineer and manage the security technology stack including Microsoft Defender XDR, endpoint protection platforms, SIEM/MDR solutions, and Azure/M365 security controlsLead incident response operations — containment, investigation, remediation — and coordinate with leadership and stakeholders on findings and risk posturePerform security audits, vulnerability assessments, and penetration testing to identify and remediate weaknesses across infrastructure, applications, and cloud environmentsDevelop and enforce security policies, procedures, and compliance programs aligned to NIST 800-171 and ITAR controls.Automate security workflows and build detection logic to improve alert fidelity, operational efficiency, and coverage across the environmentEstablish change control processes, security baselines, and security awareness training programsYou should have the following8+ years of progressive experience in cybersecurity engineering, with demonstrated ability to build and operate security programs — not just maintain existing onesDeep hands-on expertise with the Microsoft security ecosystem including Defender XDR (Endpoint, M365, Identity, Cloud Apps), Entra ID Protection, and Azure/M365 security controlsProven experience deploying and managing MDR/SIEM solutions for 24/7 threat monitoring and SOC operations (e.g., Rapid7, Secureworks Taegis XDR, or equivalent)Strong background in incident response — containment, investigation, remediation, forensic preservation, and stakeholder communicationWorking knowledge of compliance frameworks including NIST 800-171, NIST CSF, CIS benchmarks, and PCI DSS, with hands-on experience performing audits and control assessmentsExperience conducting vulnerability assessments and penetration testing across infrastructure, applications, and cloud environmentsProficiency with endpoint protection platforms, Microsoft security baseline configuration, and change control programsDemonstrated ability to automate security workflows using AI-assisted tooling, XDR automation, or scriptingStrong communication skills — able to translate security risks and technical findings for non-technical leadership and cross-functional teamsRelevant certifications preferred: MCSA, CISSP (in progress acceptable), CompTIA Security+/CySA+, or equivalentNice to haveExperience building a cybersecurity program from scratch at a startup or early-stage companyFamiliarity with ISO standards, 27001 in particularFamiliarity with network segmentation tools (e.g., Illumio) and next-gen firewall administration (Palo Alto, Zscaler)Experience with security awareness platforms (KnowBe4 or equivalent) and phishing simulation programsBackground in systems administration (Active Directory, Citrix, SCCM, Intune) providing depth of understanding of the environments being securedExperience with Tenable.ot or OT security in operational technology environmentsCISSP, SANS GIAC, or advanced Microsoft security certificationsEligibility or willingness to obtain a security clearance for potential future classified workUS Salary Range$80,000 - $135,000 USDThe salary range for this role is an estimate based on a wide range of compensation factors, inclusive of base salary only. Actual salary may vary based on (but not limited to) work experience, education and/or training, critical skills, and/or business considerations. Highly competitive equity grants are considered part of Neros' total compensation package.We’re an equal opportunity employer. We welcome all applicants without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status.