Corporate Security Engineer

Saronic Technologies is a leader in revolutionizing defense autonomy at sea, dedicated to developing state‑of‑the‑art solutions that enhance maritime operations for the Department of Defense (DoD) through autonomous and intelligent platforms.

As a Corporate Security Engineer, you’ll safeguard the systems that power Saronic’s mission. You’ll engineer, harden, and operate Microsoft 365 and AWS environments to meet defense‑grade security requirements while protecting our people, data, and operations.

You’ll own the protection of every employee, system, and credential. Your work will secure the full user lifecycle by automating onboarding/offboarding, protecting remote and traveling employees, and minimizing human‑targeted risks like phishing and social engineering.

You will design secure‑by‑default platforms, automate compliance and monitoring through cloud solutions, and ensure our environments remain resilient, frictionless, and compliant.

At Saronic, security is a force multiplier; security is not a blocker. You will have the autonomy to build and the mandate to innovate, working side‑by‑side with engineers who are developing technology that directly supports national defense. This role is ideal for someone who wants to own security at scale, shape a defense‑grade security program, and see their impact every day.

You’ll thrive here if you’re driven by mission, biased toward action, and enjoy working in a high‑trust, low‑ego team that values resilience, integrity, and creativity.

• Administer and secure multiple Microsoft 365 GCC High and Microsoft 365 commercial tenants and AWS Gov Cloud and commercial accounts to align with NIST SP 800-171, NIST CSF, and ISO 27001 standards.
• Configure and harden identity and access management (Entra , AWS IAM), data loss prevention (Purview), and conditional access policies to enforce multi‑factor authentication, single sign‑on, and least privilege.
• Implement security guardrails and automation in partnership with IT and Dev Ops teams using Infrastructure as Code (Terraform, Ansible, Cloud Formation).
• Continuously drive security automation and visibility improvements across people, process, and technology.

• Engineer and enforce secure device baselines and policies via Intune and Jamf for unified endpoint management.
• Configure and maintain endpoint protection platforms (Defender, Crowd Strike).
• Secure the user lifecycle through automated identity and device provisioning/de‑provisioning, least‑privilege enforcement, remote and traveling employee protection, and anomalous behavior monitoring.
• Reduce phishing and user‑targeted threats through identity hardening, email protections, and user awareness feedback loops.

• Engineer and maintain secure network architectures across global offices, remote, and cloud environments through VPNs, network segmentation, DNS filtering, secure network connectivity, and firewall configurations.
• Lead vulnerability, configuration, and asset management to maintain secure baselines and visibility across all enterprise systems.
• Support incident response through automation, playbooks, and forensic readiness.

• Harden and monitor SaaS applications through secure SaaS controls, SSO/SAML enforcement, SCIM provisioning, and least privilege.
• Manage shadow IT detection, vendor risk reviews, and data protection.

• 3+ years proven experience administering and securing Microsoft 365 through Intune + Jamf, Entra , Defender, Purview, and Sentinel.
• Hands‑on experience securing AWS environments, including secure configurations of IAM, Guard Duty, Cloud Trail, Config, Security Hub, and encryption/key management controls.
• Proven proficiency in scripting and automation (i.e., Python, Power Shell, Bash).
• Familiarity with cloud and identity ecosystems (i.e., Azure, AWS, Okta, Entra , Active Directory).
• Eligibility for a DoD security clearance required.

• Experience with highly regulated frameworks such as NIST SP 800-171, NIST SP 800-53, ISO 27001, or FedRAMP.
• Familiarity with cloud and endpoint observability and EDR tools (i.e.,…