Security Engineer jobs in United States

Nominal · 1 day ago

Security Engineer

Nominal is building software infrastructure for advanced hardware systems, and they are seeking a Security Engineer to develop and mature their security and governance, risk, and compliance (GRC) controls. The role involves enhancing security posture, managing incident response, and ensuring compliance with various security standards.

Information Technology · SaaS · Software
No H1B · U.S. Citizen Only

Responsibilities

Own the Security Posture (0 to 1): As part of a small team, you will be responsible for building and maturing Nominal’s security and GRC posture from an early foundation. This includes designing first-generation controls, tooling, and processes that scale as Nominal serves regulated enterprise and defense customers (U.S. and non-U.S.). This role emphasizes systems thinking, architecture, and secure-by-design decisions over reactive monitoring or narrow security operations
Detect and Respond: Strengthen Nominal’s operational and product security through active monitoring, threat detection, and incident response. Manage endpoint protection and logging tools (e.g., EDR, SIEM), investigate alerts, and collaborate with engineering to close gaps and prevent recurrences
Plan and Execute: Translate GRC requirements (e.g., CMMC, NIST 800-171, FedRAMP, NIST 800-53, Impact Level (IL) 4/5, and National Security Systems (NSS)) into concrete technical actions, architectures, and policies that meet stringent information security standards. Assist and support the maintenance of our Information Security Program. Apply technology standards to classified, air-gapped environments
Coach Our Team: Create and deliver approachable, relevant training to ensure all employees are equipped to maintain high technical standards for Security and Compliance. Provide guidance regarding procurement or download of secure, vetted third-party software, applications, and libraries
Communicate the Standard: Prepare communications for government partners, assessors, auditors, and customers that satisfactorily explain Nominal’s technical security posture, both for our software platform and IT systems/endpoints, and inspire confidence in our secure product and business practices

Qualification

Security Engineering · GRC Compliance · Incident Response · EDR Tools · SIEM Tools · Cloud Environments · Risk Assessments · Soft Skills

Required

4+ years of experience working as a Security Engineer, with demonstrated ownership of security programs or systems beyond a single functional area
Hands-on experience deploying and operating security tooling (e.g., EDR, SIEM), with the ability to evaluate, select, and evolve tools as the company grows
Incident handling experience including incident preparation, detection, containment & eradication, and post-mortem
Strong understanding of system administration, including network setup (VPN, SSIDs, firewalls), software & hardware allowlisting/blocklisting, encryption & secure protocols, identity and access management controls
Familiarity with cloud environments such as AWS GovCloud, Microsoft Azure, Microsoft Government Community Cloud (GCC), and Google Cloud Platform (GCP)
Experience implementing and maintaining compliance frameworks such as CMMC, NIST 800-171, FedRAMP, NIST 800-53, DoD Impact Levels (IL4/5), National Security Systems (NSS), SOC2, and ISO 27001/27002
Experience with federal contracting and data protection requirements, whether in government or industry settings
Experience conducting risk assessments, vulnerability management, and security control testing to proactively identify and remediate issues and areas of improvement
General knowledge of DevSecOps and infrastructure concepts, with the ability to effectively collaborate with engineering teams on planning, integrations, and implementation of security and compliance requirements

Benefits

100% coverage of medical, dental, and vision insurance
Unlimited PTO and sick leave
Free lunch, snacks, and coffee
Professional development stipend
Annual company retreat

Company

Nominal

Nominal modernizes your data infrastructure and provides real-time workflows that accelerate testing with confidence.

Funding

Current Stage: Growth Stage
Total Funding: $102.5M
Key Investors: Sequoia Capital, General Catalyst, Lux Capital
2025-06-12 · Series B · $75M
2024-04-22 · Series A · $20M
2024-04-22 · Seed · $7.5M
Company data provided by crunchbase