Principal Security Engineer

Clarity Innovations is a trusted national security partner, dedicated to safeguarding our nation’s interests and delivering innovative solutions that empower the Intelligence Community (IC) and Department of Defense (DoD) to transform data into actionable intelligence, ensuring mission success in an evolving world.

Our mission-first software and data engineering platform modernizes data operations, utilizing advanced workflows, CI/CD, and secure Dev Sec Ops  practices. We focus on challenges in Information Warfare, Cyber Operations, Operational Security, and Data Structuring, enabling end-to-end solutions that drive operational impact.

We are committed to delivering cutting‑edge tools and capabilities that address the most complex national security challenges, empowering our partners to stay ahead of emerging threats and ensuring the success of their critical missions. At Clarity, we are people‑focused and set on being a destination employer for top talent, offering an environment where innovation thrives, careers grow, and individuals are valued.

Join us as we continue to lead innovation and tackle the most pressing challenges in national security.

The Data Security Engineer is responsible for ensuring the confidentiality, integrity, and availability of enterprise data assets through the implementation of security controls, vulnerability management, and compliance activities. This role proactively identifies and mitigates cybersecurity risks, manages remediation efforts for identified vulnerabilities and CVEs, develops and tracks Plans of Action and Milestones (POA&Ms), and ensures adherence to organizational and regulatory security policies.

• Identify, assess, prioritize, and coordinate remediation of security vulnerabilities, including CVEs affecting infrastructure, applications, and data platforms.
• Develop, maintain, and track POA&Ms to document security findings, remediation plans, risk acceptance decisions, and closure activities.
• Monitor compliance with cybersecurity frameworks, security policies, and regulatory requirements.
• Conduct security assessments, vulnerability scans, and risk analyses to identify potential threats to data systems.
• Collaborate with engineering, operations, and development teams to implement security controls and corrective actions.
• Review system architectures and configurations to ensure data protection requirements are met.
• Support Authority to Operate (ATO), accreditation, and continuous monitoring activities.
• Investigate security incidents, document findings, and recommend corrective actions to prevent recurrence.
• Maintain security documentation, audit artifacts, and compliance evidence.

• Experience with vulnerability management and remediation processes.
• Knowledge of CVE analysis, risk prioritization, and security hardening practices.
• Experience developing and managing POA&Ms.
• Familiarity with cybersecurity frameworks such as RMF, NIST 800‑53, STIGs, and Zero Trust principles.
• Understanding of data protection, encryption, access controls, and secure system design.
• Strong written communication skills for documenting risks, findings, and compliance activities.

• 5–8 years of cybersecurity, information assurance, or security engineering experience.
• 2–3 years supporting vulnerability management, RMF, ATO, POA&M, or compliance activities.
• Bachelor's degree in Cybersecurity, Computer Science, Information Systems, Engineering, or related field (or equivalent experience).

We are an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.