HiringCafe
This job has expired

This job posting is no longer active and is not accepting applications. Explore similar roles below!

Posted 1d ago

Senior Security & AI Infrastructure Engineer

@ Element 84
View All Jobs
Alexandria or Philadelphia
$150k-$180k/yrRemoteFull Time
Responsibilities:leading evaluation, deploying platforms, governing tooling
Requirements Summary:7+ years in Cloud Security, DevSecOps, and Infrastructure Architecture; AWS/Azure; NIST 800-171/CMMC; Zero Trust; strong Python and IaC; security governance.
Technical Tools Mentioned:AWS, Azure, GitHub Enterprise, JumpCloud, Google Workspace, RBAC, SSO, IaC, Python, APIs, LLMs
Save
Mark Applied
Hide Job
Report & Hide
Job Description

About Element 84

Element 84 is a woman-owned small business that works with public, private, and non-profit sector clients to develop geospatial data processing pipelines & build software that helps answer big questions about our health, our infrastructure, and our changing planet. We solve challenging problems across a wide range of industries, but our super power is cloud-based geospatial data processing, remote sensing, and Earth science systems. Our headquarters is located in Alexandria, VA and we have a satellite office in Philadelphia, PA. Element 84 also supports a large remote workforce from a variety of other states.

A Few Other Things You Should Know

  1. Element 84's values are: We Invest in Each Other, We are Reliable, and Our Work Benefits our World.

  2. Element 84 works on meaningful projects that are challenging—from a technical, people, and team perspective. We make an impact on large projects through our leadership and expertise, both formal and informal.

  3. Element 84 values life outside of work. We offer parental leave for everyone and support each other through family challenges like medical problems, adoptions, and new babies.

  4. Element 84 has had a flexible work schedule since our founding in 2010.

  5. Element 84 is committed to fostering a culture of curiosity and respect for all individuals as we constantly strive to create a work environment where everyone feels welcome and supported.

About You

You are curious about the world, are constantly learning, driven to lead (formally or informally), and have a strong work ethic. You're interested in solving impactful problems in science, medicine, and other projects that have a societal good. You can work independently or with a team, prioritize your projects, and be effective without micromanagement.

You'll care about writing. Our team is remote and written communication is essential. In addition to caring about a well-crafted email and a succinct conference abstract, you understand that good writing is good design and engineering.

About the Role

The Senior Security & AI Infrastructure Engineer is a senior technical leadership role dedicated to safely accelerating AI adoption across the company through strategic tool evaluation and governance. This role will provide the technical and security foundation required to support the company in modernizing its SDLC and business operations with AI tooling.

Leveraging deep expertise in DevSecOps, AI/ML systems security, multi-cloud architecture, and NIST 800-171, this role will audit our current AI tooling landscape, architect the secure integration of enterprise AI platforms, and revisit our tooling portfolio as the landscape evolves. The ultimate goal is to establish a unified, governed AI security boundary that protects our federal/GovTech client data while providing our teams the cutting-edge tools they demand.

Key Responsibilities

AI Tooling and Adoption Strategy

  • Lead an immediate, formal architectural evaluation of our current AI tooling landscape – including developer tools, productivity tools, and agentic platforms, and develop a prioritized adoption roadmap.

  • Evaluate candidate AI platforms and tools against Element 84’s strict CMMC/NIST 800-171 compliance requirements, specifically assessing data-retention policies, audit telemetry, and boundary controls in coordination with our Head of Security, Compliance, and Infrastructure. Claude is the current primary evaluation target, but the framework must be reusable for future tools.

  • Present a definitive, adoption strategy compliant with Zero-Trust frameworks to the Head of Security, Compliance, and Infrastructure detailing how we will securely integrate approved AI platforms into our engineering and business workflows, alongside a clear timeline for the complete deprecation of legacy AI tools; once approved this will move onto the executive team for approval and then into implementation.

AI Platform Deployment & Tool Governance

  • Lead the technical procurement, configuration, and rollout of approved AI platform environments, verifying contractual data-handling protections including zero data-retention and zero public-model-training legal clauses.

  • Manage the AI tool portfolio: onboard approved tools, sunset redundant or non-compliant tools, and maintain a current tool inventory. Address unsanctioned “Shadow AI” usage through governance, tooling, and communication.

  • Architect and implement Zero Trust conditional access policies ensuring approved AI workspaces are only accessible from E84-managed laptops, neutralizing the threat of data leakage on personal or customer-issued devices (GFE).

  • Architect and implement MCP connector permission frameworks for agentic AI platforms.

Low-Friction Tooling Governance & Review

  • Replace ad-hoc security investigations with a standardized AI tool evaluation framework covering data classification, vendor security, authentication, audit logging, and plan-tier implications.

  • Engage with and potentially lead the design and formalization of a low-friction AI tooling review process that allows the security team to evaluate new AI platforms, plugins, or IDE extensions within 5 business days. This process may involve other departments and should be iterative.

  • Collaborate directly with software engineering, project management, and business operations teams to develop secure guidelines for AI-assisted workflows.

  • Establish and maintain a client data handling policy for AI tool usage.

Secure Infrastructure Implementation & DevSecOps

  • Execute the deployment of approved AI architectures, building out any necessary AWS/Azure cloud infrastructure, API gateways, and network boundaries to support AI platform and GitHub workflows.

  • Integrate the AI platforms directly with JumpCloud/Google Workspace to enforce dynamic Role-Based Access Control (RBAC), SSO, and the Principle of Least Privilege.

  • Configure and maintain observability pipelines for AI platform activity to support audit, incident investigation, and compliance reporting.

CMMC Compliance & Continuous Monitoring

  • Serve as the primary technical author for the organization’s System Security Plan (SSP) and Plan of Action and Milestones (POA&M) as they relate to the new AI tooling stack, cloud infrastructure, and endpoint access aligned with NIST SP 800-171.

  • Work with the Head of Security, Compliance, and Infrastructure as we move forward with formal CMMC compliance to assist in compliance activities.

  • Implement robust logging, threat detection, and telemetry for all API calls to seamlessly prove cross-contamination controls and data sovereignty during CMMC assessments.

Supporting Client Systems

Provide expert information security engineering and guidance for client systems, ensuring that security requirements are seamlessly integrated into architecture and system designs through rigorous configuration and engineering oversight.

Required Qualifications & Experience

  • Experience: 7+ years in Cloud Security, DevSecOps, and Infrastructure Architecture.

  • Education: Bachelor’s degree in Computer Science, Engineering, Information Systems, Cybersecurity, or related technical discipline

  • Cloud Mastery: Deep architectural expertise in Amazon Web Services (AWS) and Microsoft Azure. Professional-level cloud architect certifications are strongly preferred. Experience deploying and maintaining containerized workloads at scale.

  • Compliance Expertise: Proven track record of developing System Security Plans (SSP) and embedding security controls aligned with NIST SP 800-53 and NIST SP 800-171.

  • Zero Trust Operations: Extensive experience integrating Identity and Access Management (IAM), SSO, and endpoint telemetry to enforce Conditional Access Policies (CAP) and Device Trust.

  • DevSecOps Tooling: Deep understanding of modern software engineering pipelines, specifically securing GitHub Enterprise environments, managing tool migrations, and integrating third-party APIs/LLMs securely.

  • Software Engineering: Real world experience with Python and Infrastructure as Code (IaC) tools. Strong grasp of API design.

  • Strategic Communication: Ability to translate complex Zero Trust and AI concepts into actionable business risk discussions for non-technical stakeholders.

    Note: This position requires that applicants be authorized to work in the United States without sponsorship now or at any time in the future, and be able to pass a general background check.

Additional Information

Benefits

Paying attention to who we are as a company–people, family members, friends, and colleagues–is our primary focus at Element 84. There are lots of ways to run a company, and, for us, we prioritize wanting to come to work, being around people we enjoy, taking on big things with people you trust, and sharing our achievements as a team.

  • You’ll get credit when things go right and we’ll have your back when things go wrong.

  • We only take on work that is challenging and right for us. There are projects we will turn down and the team has a say.

  • We may be a small company, but we have big company benefits meant to support the idea that we're here for the long term and happiness comes from much more than where you work.

  • We have an extraordinary retention rate because we hire extraordinary people. We hope that’s you.

The salary range for this position is $150,000 - $180,000. Actual compensation offered to candidate will be finalized at offer and may be above or below the posted range due to skill level, experience, industry-specific knowledge, education/certifications, or geographic location. Base salary represents just one component of the Element 84 total compensation package. Employees will also receive a number of benefits as listed below. Other compensation for this position may include bonus eligibility (dependent on employee performance and company profits).

This is a full time, salaried position. This is a full time, salaried position. Remote candidates are encouraged, but your home office must be less than 100 miles from either Element 84’s Alexandria, VA or Philadelphia, PA hub.

Benefits Offered

  • Competitive medical, dental and vision benefits

  • Life Insurance, Short & Long Term disability insurance

  • Voluntary Accident, Critical Illness & Hospital Insurance

  • 401(k) and Roth 401(k) retirement plans with a fixed 3% of salary employer contributions (paid regardless of employee participation)

  • Health savings account with a company contribution

  • Flexible spending accounts (medical and dependent care)

  • Company-paid parental leave after one year of employment

  • Flexible work schedules

  • Paid employee assistance program

  • 6 paid floating holidays (prorated first year)

  • 4 weeks + 1 day paid Vacation Time Off per calendar year (prorated first year)

  • 40 hours per year of paid Sick Leave

  • Monthly cell phone stipend

Element 84 is an equal opportunity employer.