Senior Platform Security Engineer
NorthMark Compute & Cloud (NMC) is backed by dedicated leadership and investment, with a clear mission as it operates at the bleeding edge of technology. Its goal is to scale and enhance the high-performance computing (HPC) and cloud infrastructure that supports its clients' research, production, and delivery, enabling breakthroughs that shape the industries of tomorrow. Its engineers build critical infrastructure to eliminate friction in scientific research, simulations, analysis, and decision-making, accelerating discovery and driving faster innovation.
The Platform Security team sits within NMC's Security organization and is responsible for securing the engineering platforms and infrastructure that power our HPC and cloud environment. Our mission is to build real-time security visibility and a proactive vulnerability management capability into the core of how NMC's platforms are built and operated ensuring that security is never an afterthought in an environment where the stakes are exceptionally high.
As a Senior Platform Security Engineer, you will play a pivotal role in detecting, assessing, and remediating vulnerabilities across our platform engineering stack from bare-metal infrastructure and container orchestration through to cloud services and software supply chains. You will collaborate closely with Platform Engineering and DevOps teams to embed real-time threat detection and vulnerability management into the development lifecycle, ensuring our infrastructure is resilient, continuously monitored, and hardened against emerging threats.
Responsibilities:
- Own the design and operation of NMC's vulnerability management program across the platform engineering stack, including infrastructure, containers, and cloud services
- Implement and tune real-time security monitoring and threat detection tooling, ensuring high-fidelity signal across our HPC and cloud environments
- Partner with Platform Engineering and DevOps teams to integrate security scanning and vulnerability assessment into CI/CD pipelines and Infrastructure-as-Code workflows
- Lead vulnerability triage and prioritization, working with engineering teams to drive timely and effective remediation of identified risks
- Conduct platform-level security assessments, contributing to threat modelling and attack surface analysis across our infrastructure and software supply chain
- Develop automation to continuously assess the security posture of our platforms, reducing manual effort and improving detection coverage
- Contribute to the continuous improvement of platform security practices, tooling, and processes, helping foster a security-first culture across engineering
Requirements:
- 6+ years of experience in security engineering, with a strong focus on platform, infrastructure, or application security
- Hands-on experience with vulnerability management tooling and real-time security monitoring platforms (e.g. Qualys, Tenable, Wiz, Lacework, Prisma Cloud, or similar)
- Strong understanding of software and infrastructure security, including container security, supply chain risk, secrets management, and secure configuration
- Experience securing container orchestration platforms such as Kubernetes and OpenStack, and cloud environments including AWS and/or Azure
- Proficiency in Linux and familiarity with how platform engineering teams build and operate infrastructure
- Experience integrating security tooling into CI/CD pipelines and IaC workflows, with scripting ability in Python, Bash, Go, or similar
- Good knowledge of vulnerability scoring frameworks (CVSS), exploit maturity, and risk-based prioritization
- A strong interest in the security domain and a collaborative approach to working with engineering teams to solve complex technical problems
Nice to Have:
- Experience with runtime threat detection tools such as Falco or eBPF-based security tooling
- Familiarity with software supply chain security frameworks (e.g. SLSA, SBOM generation, Sigstore)
- Background working within or alongside a SOC or threat intelligence function
- Relevant certifications such as OSCP, GIAC (GPEN/GWAPT/GCSA), AWS Security Specialty, or equivalent
It is impossible to list every requirement for, or responsibility of, any position. Similarly, we cannot identify all the skills a position may require since job responsibilities and the Company's needs may change over time. Therefore, the above job description is not comprehensive or exhaustive. The Company reserves the right to adjust, add to or eliminate any aspect of the above description. The Company also retains the right to require all employees to undertake additional or different job responsibilities when necessary to meet business needs.
Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future.
Benefits & Perks:
- Company-Paid Lunch Stipend: Lunch is provided via GrubHub
- Company-Paid Benefits: 100% Employer-Paid Medical in our High Deductible Health Plan, Dental and Vision benefits for employees and their families, 16 weeks of Paid Parental Leave, Employee Assistance Program, Life insurance, Short-Term Disability and Long-Term Disability
- 401(k): Company will match 100% of your contributions up to 6%
- Optional Employee-Paid Benefits: Medical insurance in our PPO plan and a variety of other benefits such as Health Savings Accounts (with Company Contribution!), Flexible Spending Accounts, Supplemental Life Insurance, Wellhub and more.
- Time Off: 25 days of Paid Time Off plus 12 company holidays
EQUAL OPPORTUNITY EMPLOYER
NORTHMARK STRATEGIES LLC IS AN EQUAL EMPLOYMENT OPPORTUNITY EMPLOYER. THE COMPANY'S POLICY IS NOT TO DISCRIMINATE AGAINST ANY APPLICANT OR EMPLOYEE BASED ON RACE, COLOR, RELIGION, NATIONAL ORIGIN, GENDER, AGE, SEXUAL ORIENTATION, GENDER IDENTITY OR EXPRESSION, MARITAL STATUS, MENTAL OR PHYSICAL DISABILITY, AND GENETIC INFORMATION, OR ANY OTHER BASIS PROTECTED BY APPLICABLE LAW. THE FIRM ALSO PROHIBITS HARASSMENT OF APPLICANTS OR EMPLOYEES BASED ON ANY OF THESE PROTECTED CATEGORIES.
Senior Platform Security Engineer
NorthMark Compute & Cloud (NMC) is backed by dedicated leadership and investment, with a clear mission as it operates at the bleeding edge of technology. Its goal is to scale and enhance the high-performance computing (HPC) and cloud infrastructure that supports its clients' research, production, and delivery, enabling breakthroughs that shape the industries of tomorrow. Its engineers build critical infrastructure to eliminate friction in scientific research, simulations, analysis, and decision-making, accelerating discovery and driving faster innovation.
The Platform Security team sits within NMC's Security organization and is responsible for securing the engineering platforms and infrastructure that power our HPC and cloud environment. Our mission is to build real-time security visibility and a proactive vulnerability management capability into the core of how NMC's platforms are built and operated ensuring that security is never an afterthought in an environment where the stakes are exceptionally high.
As a Senior Platform Security Engineer, you will play a pivotal role in detecting, assessing, and remediating vulnerabilities across our platform engineering stack from bare-metal infrastructure and container orchestration through to cloud services and software supply chains. You will collaborate closely with Platform Engineering and DevOps teams to embed real-time threat detection and vulnerability management into the development lifecycle, ensuring our infrastructure is resilient, continuously monitored, and hardened against emerging threats.
Responsibilities:
- Own the design and operation of NMC's vulnerability management program across the platform engineering stack, including infrastructure, containers, and cloud services
- Implement and tune real-time security monitoring and threat detection tooling, ensuring high-fidelity signal across our HPC and cloud environments
- Partner with Platform Engineering and DevOps teams to integrate security scanning and vulnerability assessment into CI/CD pipelines and Infrastructure-as-Code workflows
- Lead vulnerability triage and prioritization, working with engineering teams to drive timely and effective remediation of identified risks
- Conduct platform-level security assessments, contributing to threat modelling and attack surface analysis across our infrastructure and software supply chain
- Develop automation to continuously assess the security posture of our platforms, reducing manual effort and improving detection coverage
- Contribute to the continuous improvement of platform security practices, tooling, and processes, helping foster a security-first culture across engineering
Requirements:
- 6+ years of experience in security engineering, with a strong focus on platform, infrastructure, or application security
- Hands-on experience with vulnerability management tooling and real-time security monitoring platforms (e.g. Qualys, Tenable, Wiz, Lacework, Prisma Cloud, or similar)
- Strong understanding of software and infrastructure security, including container security, supply chain risk, secrets management, and secure configuration
- Experience securing container orchestration platforms such as Kubernetes and OpenStack, and cloud environments including AWS and/or Azure
- Proficiency in Linux and familiarity with how platform engineering teams build and operate infrastructure
- Experience integrating security tooling into CI/CD pipelines and IaC workflows, with scripting ability in Python, Bash, Go, or similar
- Good knowledge of vulnerability scoring frameworks (CVSS), exploit maturity, and risk-based prioritization
- A strong interest in the security domain and a collaborative approach to working with engineering teams to solve complex technical problems
Nice to Have:
- Experience with runtime threat detection tools such as Falco or eBPF-based security tooling
- Familiarity with software supply chain security frameworks (e.g. SLSA, SBOM generation, Sigstore)
- Background working within or alongside a SOC or threat intelligence function
- Relevant certifications such as OSCP, GIAC (GPEN/GWAPT/GCSA), AWS Security Specialty, or equivalent
It is impossible to list every requirement for, or responsibility of, any position. Similarly, we cannot identify all the skills a position may require since job responsibilities and the Company's needs may change over time. Therefore, the above job description is not comprehensive or exhaustive. The Company reserves the right to adjust, add to or eliminate any aspect of the above description. The Company also retains the right to require all employees to undertake additional or different job responsibilities when necessary to meet business needs.
Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future.
Benefits & Perks:
- Company-Paid Lunch Stipend: Lunch is provided via GrubHub
- Company-Paid Benefits: 100% Employer-Paid Medical in our High Deductible Health Plan, Dental and Vision benefits for employees and their families, 16 weeks of Paid Parental Leave, Employee Assistance Program, Life insurance, Short-Term Disability and Long-Term Disability
- 401(k): Company will match 100% of your contributions up to 6%
- Optional Employee-Paid Benefits: Medical insurance in our PPO plan and a variety of other benefits such as Health Savings Accounts (with Company Contribution!), Flexible Spending Accounts, Supplemental Life Insurance, Wellhub and more.
- Time Off: 25 days of Paid Time Off plus 12 company holidays
EQUAL OPPORTUNITY EMPLOYER
NORTHMARK STRATEGIES LLC IS AN EQUAL EMPLOYMENT OPPORTUNITY EMPLOYER. THE COMPANY'S POLICY IS NOT TO DISCRIMINATE AGAINST ANY APPLICANT OR EMPLOYEE BASED ON RACE, COLOR, RELIGION, NATIONAL ORIGIN, GENDER, AGE, SEXUAL ORIENTATION, GENDER IDENTITY OR EXPRESSION, MARITAL STATUS, MENTAL OR PHYSICAL DISABILITY, AND GENETIC INFORMATION, OR ANY OTHER BASIS PROTECTED BY APPLICABLE LAW. THE FIRM ALSO PROHIBITS HARASSMENT OF APPLICANTS OR EMPLOYEES BASED ON ANY OF THESE PROTECTED CATEGORIES.
Government Careers
Government jobs offer stability, competitive benefits, and the chance to make a meaningful impact on your community and country.
Whether you’re starting your career or seeking new opportunities, these roles provide pathways for growth, security, and service.
Explore positions across a wide range of fields and take the first step toward a rewarding future in public service.
MORE JOBS
-
Indirect Fire Weapons Operator (On-Call)
- El Paso, Texas
- Kratos Defense
- Jul 01, 2026
-
13U1 Field Artillery - Start Your Career with the US Army
- Antioch, California
- US ARMY
- Jul 01, 2026
-
Aircrew Rescue Swimmer & Navy Diver
- Rockport, Texas
- U.S. Navy
- Jul 01, 2026
-
14U1 Air and Missile Defense Crewmember
- Fresno, California
- US ARMY
- Jul 01, 2026
-
Intelligence Reports Officer (5854)
- Arlington, Virginia
- Three Saints Bay
- Jul 01, 2026
-
Sr. Client Service Leader - U.S. Air Force
- Salt Lake City, Utah
- CDM Smith
- Jul 01, 2026