Security & Compliance Engineer at Nominal

New York, New York, United States

Apply Now
Nominal Logo
Not SpecifiedCompensation
Mid-level (3 to 4 years), Senior (5 to 8 years)Experience Level
Full TimeJob Type
UnknownVisa
Aerospace, Defense, Autonomous VehiclesIndustries

Requirements

  • 4+ years of experience working as a Security Engineer/Security Analyst
  • Hands-on expertise in endpoint protection, event monitoring and logging (EDR & SIEM)
  • Incident handling experience including incident preparation, detection, analysis, containment & eradication, and post-mortem
  • Strong understanding of system administration, including network setup (VPN, SSIDs, firewalls), software & hardware allowlisting/blocklisting, encryption & secure protocols, identity and access management controls
  • Familiarity with cloud environments such as AWS GovCloud, Microsoft Azure, Microsoft Government Community Cloud (GCC)
  • Experience implementing and maintaining compliance frameworks such as CMMC, NIST 800-171, FedRAMP, NIST 800-53, DoD Impact Levels (IL4/5), National Security Systems (NSS), SOC2, and ISO 27001/27002
  • Experience with federal contracting and data protection requirements, whether in government or industry settings
  • Experience conducting risk assessments, vulnerability management, and security control testing to proactively identify and mitigate risks

Responsibilities

  • Own the security posture by hardening Nominal’s software platform (both security and availability), deploying into secure environments, and setting up for success with large DoD and enterprise customers
  • Detect and respond to threats by strengthening operational and product security through active monitoring, threat detection, and incident response; manage endpoint protection and logging tools (e.g., EDR, SIEM), investigate alerts, and collaborate with engineering to close gaps
  • Plan and execute GRC initiatives by translating requirements (e.g., CMMC, NIST 800-171, FedRAMP, NIST 800-53, IL 4/5, NSS) into technical actions and policies; assist with maintenance of the Information Security Program and apply standards to classified, air-gapped environments
  • Coach the team by creating and delivering training to ensure high technical standards for security and compliance; provide guidance on procurement or download of secure, vetted third-party software, applications, and libraries
  • Communicate the standard by preparing communications for government partners, assessors, auditors, and customers explaining Nominal’s technical security posture for software platform and IT systems/endpoints
  • Assist with incident response, manage Nominal’s network, ensure endpoint security, and establish baseline device configuration
  • Guarantee technical compliance with information security standards and support authority to operate (ATO) initiatives

Skills

Key technologies and capabilities for this role

Information SecurityGRCCMMCNIST 800-171FedRAMPNIST 800-53EDRSIEMIncident ResponseEndpoint ProtectionThreat DetectionProduct HardeningNetwork Management

Questions & Answers

Common questions about this position

What experience level is required for this Security & Compliance Engineer role?

The role requires 4+ years of experience working as a Security Engineer or Security Analyst.

Is this a remote position or does it require office work?

This information is not specified in the job description.

What is the salary or compensation for this position?

This information is not specified in the job description.

What kind of team and work environment can I expect at Nominal?

Nominal is a small, fast-moving team of engineers and operators who own problems end-to-end, work across disciplines, and thrive on challenges at the intersection of hardware and software.

What skills and responsibilities make a strong candidate for this role?

Strong candidates will have technical excellence in product hardening and information security, experience with threat detection, incident response, GRC frameworks like CMMC and NIST 800-171, and the ability to coach teams and communicate security posture to partners.

Nominal

Software tools for engineering hardware systems

Website

About Nominal

Nominal.io provides software tools designed specifically for engineering teams working with complex hardware systems. Their platform allows these teams to test and deploy hardware systems significantly faster than traditional methods, making it particularly beneficial for industries such as aerospace, defense, energy, and telecommunications, where hardware performance is critical. The platform consolidates data from various sources, enabling engineers to monitor and analyze their systems effectively in a secure environment. Unlike many competitors, Nominal.io focuses on a niche market with high demands for reliability, offering a software-as-a-service (SaaS) model that ensures clients have continuous access to the latest features. The company's goal is to enhance the resilience and performance of hardware systems, positioning itself as a key partner for engineering teams looking to improve their deployment processes.

Austin, TexasHeadquarters
2022Year Founded
$26.7MTotal Funding
SERIES_ACompany Stage
Industrial & Manufacturing, Enterprise Software, Aerospace, DefenseIndustries
51-200Employees

Benefits

Health Insurance
Dental Insurance
Vision Insurance
Unlimited Paid Time Off
Professional Development Budget
Quarterly company retreats

Risks

AWS's space accelerator program increases competition in the aerospace sector.
Reliance on government partnerships exposes Nominal to policy and budget changes.
Rapid tech advancements could render Nominal's offerings obsolete without innovation.

Differentiation

Nominal offers a secure platform for mission-critical hardware data management.
The company accelerates hardware testing and deployment up to ten times faster.
Nominal's SaaS model ensures continuous access to the latest features and updates.

Upsides

Recent $27.5M funding strengthens Nominal's financial foundation and market reach.
Partnerships with the U.S. government enhance opportunities in aerospace and defense.
Leadership experience from SpaceX, Palantir, and NASA boosts industry credibility.

Related Jobs

United States +4 more
Remote iconRemote

Security Engineer, Product Security

Chainlink Labs
Salary not specified
  • Employment type iconFull Time
  • Experience level iconMid-level (3 to 4 years), Senior (5 to 8 years)
United States
Remote iconRemote

Compliance Engineer

Flock Safety
$176,000 - $220,000/year
  • Employment type iconFull Time
  • Experience level iconSenior (5 to 8 years)
San Antonio
Remote iconRemote

Senior Cybersecurity Engineer

Humana
Salary not specified
  • Employment type iconFull Time
  • Experience level iconSenior (5 to 8 years)
New York
Remote iconRemote

Information Security Engineer

Algolia
Salary not specified
  • Employment type iconFull Time
  • Experience level iconMid-level (3 to 4 years), Senior (5 to 8 years)
United States
Remote iconRemote

Principal Software Engineer, GRC

Vanta
$285,000 - $335,000/year
  • Employment type iconFull Time
  • Experience level iconExpert & Leadership (9+ years)
United States
Remote iconRemote

Security Engineer, Cloud Security

Red Cell Partners
Salary not specified
  • Employment type iconFull Time
  • Experience level iconSenior (5 to 8 years), Expert & Leadership (9+ years)
Remote
Remote iconRemote

Principal DevSecOps Engineer

Second Front Systems
Salary not specified
  • Employment type iconFull Time
  • Experience level iconSenior (5 to 8 years)
San Francisco
Remote iconRemote

Security Operations Lead

Earnest
Salary not specified
  • Employment type iconFull Time
  • Experience level iconSenior (5 to 8 years), Expert & Leadership (9+ years)

Land your dream remote job 3x faster with AI

Try Jobo Free