About Dynamo AI
Dynamo AI is building the future of trustworthy AI for the enterprise. Our platform provides real-time guardrails, red-teaming, and observability for generative and agentic AI systems -- ensuring safe, compliant, and reliable deployments across regulated sectors such as financial services, insurance, healthcare and government.
We’re backed by leading partners and rapidly expanding with some of the world’s most sophisticated enterprises.
Job Summary
We are seeking a dedicated Security Engineer to serve as the primary owner of security controls, documentation, and compliance activities within the organization. This role combines hands-on technical work, compliance oversight, and process integration, similar in scope to a DevSecOps-style security function. The Security Engineer will ensure alignment with NIST SP 800-171 requirements and a formal Information Security Management System (ISMS) framework (ISO/IEC 27001 or equivalent), supporting the secure handling of Controlled Unclassified Information (CUI) and sensitive data.
Note: due to the scope of the work, this role requires US citizenship.
Key Responsibilities
- Serve as the day-to-day security lead, implementing and maintaining technical systems and procedural controls that meet NIST 800-171 and ISMS requirements.
- Refine and maintain compliance documentation for federal and highly regulated customers.
- Support internal and external audits, providing documentation, technical evidence, and subject matter expertise.
- Conduct security gap analyses, risk assessments, and continuous monitoring to validate compliance and security posture.
- Drive security initiatives with SWE, DevOps and Ops teams to integrate security into infra, software, operations and workflows.
- Monitor, detect, and respond to security events following established incident response processes, while continuously improving playbooks and controls.
- Stay current with evolving FAR, NIST, and ISMS requirements, recommending and implementing control and process enhancements.
Required Skills & Qualifications
- 4+ years of professional experience in cybersecurity engineering, compliance, or security operations.
- Hands-on experience preparing for and supporting CMMC and NIST SP 800-171 audits.
- Demonstrated knowledge of CMMC and NIST 800-171 requirements, including safeguarding CUI and classified data.
- Familiarity with ISMS frameworks such as ISO/IEC 27001, with experience mapping and integrating compliance requirements.
- Strong hands-on skills in security operations, including vulnerability management, access control, incident response, and system hardening.
- Proven technical writing and documentation skills, including authoring and reviewing compliance artifacts (SSPs, SoAs, POA&Ms, standards).
- Ability to enforce security standards and hold cross-functional teams accountable to defined policies.
- Certifications: Security+ and CySA+; advanced certifications such as CISSP, CISM, CISA, CMMC Certified Professional (CCP) or Certified Assessor (CCA), and ISO 27001 Lead Implementer/Auditor.
- Strong communication skills with the ability to work effectively across technical, compliance, and leadership teams.
Preferred Experience
- Prior work supporting federal contractors or organizations managing CUI/sensitive data.
- Experience with continuous monitoring platforms and automated compliance dashboards.
- Exposure to formal ISMS audits and external regulatory assessments.