Staff Software Security Engineer

Muon seeks a Staff Software Security Engineer to join our Security Engineering Team. The ideal candidate is a highly skilled and experienced Software Engineer with expertise in developing secure software for hardware systems, particularly within U.S. Government and ITAR-controlled environments. The ideal candidate will have a strong background in the full software development lifecycle for hardware systems, a deep understanding of cybersecurity principles, and proven experience working with ITAR regulations, including the handling of ITAR-controlled technical data and payloads.

• Implement and champion secure coding practices and software development security methodologies throughout the development lifecycle.
• Implement and enforce secure coding practices (e.g., SAST, DAST, threat modeling) throughout the software development lifecycle.
• Collaborate closely with software engineers to define software requirements, ensure seamless hardware/software integration, and troubleshoot complex system-level issues.
• Collaborate with cross-functional teams to define software requirements, system architecture, and integration plans.
• Review and advise on the development of software for ITAR-controlled payloads, ensuring strict adherence to all applicable export control laws and company policies.
• Ensure all software development activities and deliverables comply with U.S. Government standards and ITAR regulations.
• Work extensively with ITAR systems, including managing access to controlled technical data, ensuring compliance with applicable controls and regulations.
• Conduct threat modeling, vulnerability analysis, and security code reviews to identify and mitigate potential security risks in software and systems.
• Develop and maintain comprehensive software documentation, including design specifications, test plans, verification procedures, and reports necessary for U.S. Government contracts and ITAR compliance.
• Support the integration, testing, and deployment of software solutions in laboratory and operational environments.
• Contribute to the continuous improvement of software development processes, security protocols, and compliance procedures.
• Advise the organization on CMMC compliance

• Minimum of 10 years of professional experience in software development.
• Proven experience in software development security, including secure SDLC practices, threat modeling, and vulnerability assessment.
• Demonstrable experience writing, testing, and debugging software for hardware platforms.
• Experience with U.S. Government contracts and familiarity with government standards and procurement processes.
• In-depth knowledge and hands-on experience with International Traffic in Arms Regulations (ITAR).
• Experience with software version control systems (e.g., Git), continuous integration/continuous deployment (CI/CD) pipelines, and automated testing frameworks.
• Strong analytical and problem-solving skills with the ability to troubleshoot complex software and hardware integration issues.
• Excellent written and verbal communication skills, with the ability to document technical details clearly and concisely.

• Experience with specific industry standards relevant to government or aerospace/defense projects (NIST 800-series).
• Familiarity with encryption technologies and secure data handling practices.
• Experience working in Agile development environments.
• Knowledge of systems engineering principles.
• Experience implementing CMMC
• Direct experience with working in an organization that contracts with the US Government

• The salary range for this role is $180K - $215K and will depend on a candidate's skills, geographic location, qualifications, and experience as defined during the interview process.