About Commonwealth Fusion Systems:
Commonwealth Fusion Systems is on a mission to deliver the urgent transition to fusion energy.
Combining decades of research, top talent and new technologies, we’re designing and building commercially viable fusion power plants. And working with policymakers and suppliers to build the energy industry of the future.
We’re in the best position to make it happen. Since 2018, we’ve raised over $2 billion in capital – more than any other fusion energy company in the U.S.
Now we’re looking for more thinkers, doers, builders, and makers to join us. People who’ll bring new perspectives, solve tough problems, and thrive as part of a team.
If that’s you and this role fits, we want to hear from you.
The Senior Application Security Engineer reports to the Director of Cybersecurity and is primarily responsible for application and cloud infrastructure security at CFS. As part of a team of cybersecurity engineers, the role provides systems administration for cybersecurity operations and security advice to advance the cybersecurity program. This may include assisting in the implementation and administration of systems, ranging from firewalls to SIEM, DLP, network security, threat intelligence, vulnerability management, DevSecOps, OT, and EDR. This role includes strong collaboration with internal IT teams, as well as the promotion of cybersecurity awareness and training.
This team member will:
- Partner with various software development teams to enhance our secure SDLC efforts
- Advance the security of our IaaS and codebase in a DevOps environment, from development to production (e.g. SAST, APIs, DAST, IaC, WAF, CSPM, CWPP)
- Assist with vulnerability management and threat intelligence, tracking and mitigating threats as necessary
- Seek opportunities to apply automation and DevSecOps thinking, via threat intelligence analysis, security orchestration, and other operational efficiencies
- Contribute to the administration of cybersecurity tools needed to achieve the cybersecurity mandate (SIEM, DLP, IAM, PAM, EPP/EDR, MDM, etc.)
- Maintain current knowledge of new products and industry trends, and recommend enhancements and purchases that allow CFS to maintain a healthy and functional environment
- Provide technical consulting to management, business users, and technical associates to ensure that applications and platforms are secure
- Architect, design, implement, maintain and operate information system security controls and countermeasures; document the operation, use, and expected outputs of these systems
- Analyze and recommend security controls and procedures in business processes related to use of information systems and assets, and provide oversight to ensure compliance and alignment with security standards/frameworks (NIST 800-53)
- Help promote a culture of cybersecurity awareness via outreach and training
The ideal candidate will have most, if not all, of these requirements:
- Bachelor's degree in Cybersecurity, Computer Science or equivalent experience
- Relevant certification in the Cybersecurity field (CISSP preferred)
- 5 years of experience in a hands-on, application-security-focused role
- Experience securing IaaS (AWS) and cloud-native applications in a DevOps environment, from development to production (e.g. SAST, APIs, DAST, IaC, WAF, CSPM, CWPP, BSIMM, SAMM)
- Demonstrated ability to apply fundamental cybersecurity and IT concepts to tasks and projects
- Ability to work in a fast-paced environment and prioritize tasks/projects
- DevSecOps/automation of security tasks
- Excellent analytical and problem-solving skills, and attention to detail
- Evidence of personal focus on continuous learning
Additional experience and/or qualifications:
- AWS Security certification
- Hands-on experience managing enterprise security technologies (SIEM, firewall, IDS/IPS, EPP/EDR, IAM, DLP, etc.)
- Familiarity with regulatory, compliance, and security frameworks (NIST, ISO, SOC 2)
- Computer forensics
- Ability to type, stand, and sit for extended periods of time
- Willingness to occasionally travel or work required nights/weekends/on-call
- Work in a facility that contains industrial hazards including heat, cold, noise, fumes, strong magnets, lead (Pb), high voltage, high current, pressure systems, and cryogenics
At CFS, we excel in fast-paced environments, driven by our values of integrity, execution, impact, and self-critique. As we grow, we’re eager to bring on mission-driven folks who offer diverse perspectives and fresh ways to tackle challenges.
We value diversity deeply and are proud to be an equal opportunity employer by choice. We consider all qualified applicants equally, regardless of race, color, national origin, ancestry, citizenship status, protected veteran status, religion, physical or mental disability, marital status, sex, sexual orientation, gender identity or expression, age, or any other basis protected by law.