Senior Security Engineer
SkySafe
About SkySafe
SkySafe is the leader in drone detection and airspace intelligence, delivering unmatched visibility into drone activity. As the only company offering advanced drone detection, deep analytics, and forensics, SkySafe enables organizations to detect, analyze, and act on drone activity with precision in real time. Its cloud-based SaaS platform provides comprehensive drone data, helping distinguish between authorized drones and potential threats. By transforming complex drone data into actionable insight, SkySafe empowers organizations to act with clarity and confidence and provides the intelligence needed for smarter decision-making and safer skies.
About the Role
SkySafe is seeking a Senior Security Engineer to lead the development, documentation, and implementation of security and compliance programs across our platform. This role exists to ensure SkySafe meets critical Federal security requirements while maintaining the highest standards of data protection and operational integrity. You will own and drive compliance efforts for frameworks such as NIST 800-171 and NIST 800-53, supporting Assessment and Authorization (ATO) processes and enabling secure deployments for Federal customers.
In this role, you will collaborate closely with engineering, DevOps, and leadership teams to translate complex regulatory requirements into practical, scalable security controls. You will play a central role in building a robust security foundation that supports both Federal partnerships and broader organizational goals, including SOC 2 Type 2 certification. Your work will directly contribute to SkySafe’s mission by ensuring our platform remains secure, compliant, and trusted in high-stakes environments.
Key Responsibilities
Lead the development, documentation, and implementation of security controls aligned with NIST 800-171 and NIST 800-53 frameworks
Own and maintain compliance artifacts including System Security Plans (SSP), Plans of Action and Milestones (POA&M), and supporting documentation
Drive Assessment and Authorization (ATO) efforts, including preparation of authorization packages and coordination with assessors
Collaborate with engineering and DevOps teams to integrate security controls into cloud infrastructure, CI/CD pipelines, and application architectures
Conduct risk assessments, maintain risk registers, and lead remediation efforts for identified security gaps
Develop and enforce security policies, procedures, and standards aligned with Federal and customer requirements
Evaluate and document security controls across AWS environments, containerized systems, and operational processes
Support SOC 2 Type 2 readiness, including audit preparation, evidence collection, and control validation
Monitor changes in regulatory requirements and proactively update security controls and documentation
Contribute to incident response planning, documentation, and post-incident analysis
Required Skills & Experience
5+ years of experience in security engineering, compliance, or information assurance roles
Deep expertise in NIST 800-171 and NIST 800-53 security frameworks
Proven experience developing and maintaining SSPs, POA&Ms, and audit-ready compliance documentation
Hands-on experience supporting ATO/ATT processes in Federal or defense environments
Strong experience with AWS cloud security, including IAM, VPC architecture, encryption, and logging
Experience implementing security controls in containerized environments (Docker, Kubernetes, ECS)
Solid understanding of identity and access management, secrets management, and network security principles
Excellent written communication skills with the ability to produce clear, thorough, and audit-ready documentation
Strong organizational skills and the ability to manage multiple concurrent compliance initiatives
Nice-to-Have
Experience supporting SOC 2 Type 2 audits and compliance readiness efforts
Familiarity with FedRAMP authorization processes or IL4/IL5 environments
Experience with AWS GovCloud and Federal-specific infrastructure requirements
Relevant certifications such as CISSP, CISM, CompTIA Security+, or CAP
Experience with compliance automation tools such as Vanta, Drata, or similar platforms
Experience building secure multi-tenant SaaS architectures
Familiarity with monitoring and observability tools (Prometheus, Datadog, CloudWatch) from a security perspective
Within 1 Month, You Will
Complete onboarding and gain a deep understanding of SkySafe’s platform, architecture, and security posture
Review existing compliance documentation, including SSPs, POA&Ms, and current control implementations
Build relationships with engineering, DevOps, and leadership stakeholders
Gain familiarity with active Federal compliance efforts and audit timelines
Within 3 Months, You Will
Take ownership of compliance documentation and begin driving updates to SSPs, POA&Ms, and security policies
Identify gaps in current NIST control implementations and initiate remediation efforts
Collaborate with teams to integrate security controls into infrastructure and development workflows
Support ATO preparation activities and contribute to authorization package development
Within 6 Months, You Will
Lead ongoing ATO efforts and manage communication with assessors and stakeholders
Implement and document key security controls across cloud and application environments
Drive measurable progress toward SOC 2 Type 2 readiness
Establish repeatable processes for compliance tracking, documentation, and evidence collection
Within 12 Months, You Will
Successfully support or achieve ATO authorization for Federal deployments
Play a key role in achieving or maintaining SOC 2 Type 2 certification
Serve as a subject matter expert on security and compliance across the organization
Lead the evolution of SkySafe’s security program, influencing architecture, processes, and long-term strategy
Why Join Us?
Competitive salary and benefits, including full health coverage, unlimited PTO, and flexible work hours
A supportive and innovative team environment that values collaboration and creativity
The chance to deliver high-impact solutions, contributing to the success of a small, fast-moving team where your work will make a tangible difference
If you're excited about the prospect of pushing the boundaries of what's possible in an entirely new industry, then SkySafe might be right for you!
We do not work with outside staffing agencies
This position requires access to technology, materials, software or hardware that is controlled by US export laws. In order to be eligible for this position, you must be a US person under US export laws or be eligible for approval for a US Government export license. A US person includes a US citizen, lawful permanent resident, refugee or asylee.
Compensation range: $160K to $200K
Our salary ranges are based on paying competitively for our size and industry. Salary is just one part of our total compensation package that includes equity, perks & benefits, and development opportunities at SkySafe. Individual pay decisions are based on several factors, including qualifications for the role, experience level, skillset, geography, and balancing internal equity relative to other SkySafers.