Principal Cybersecurity Engineer

The Nuclear Company is the fastest growing startup in the nuclear and energy space creating a never before seen fleet-scale approach to building nuclear reactors. Through its design-once, build-many approach and coalition building across communities, regulators, and financial stakeholders, The Nuclear Company is committed to delivering safe and reliable electricity at the lowest cost, while catalyzing the nuclear industry toward rapid development in America and globally.

About the role: 

We are seeking an exceptional and highly experienced Principal Cybersecurity Engineer to join our growing team. This pivotal role will be responsible for designing, implementing, and maintaining advanced cybersecurity defenses across our IT and operational technology (OT) environments, ensuring the robust protection of our critical assets in a highly regulated industry. 

The Principal Cybersecurity Engineer will serve as a technical leader and subject matter expert in cybersecurity, focusing on securing both corporate IT systems and the specialized operational technology (OT) environments vital to nuclear energy operations. This role will involve strategic planning, hands-on implementation, risk assessment, and ensuring compliance with stringent regulatory requirements. The successful candidate will drive the adoption of best practices, influence architectural decisions, and lead initiatives to strengthen our overall security posture against evolving threats. This role reports into the VP, Software Engineering.  

Responsibilities:

Cybersecurity Architecture & Design:  

• Lead the design and implementation of secure architectures for both IT and OT systems, including network segmentation, access control, intrusion detection/prevention, and data protection. 

• Develop and implement security standards, policies, and guidelines tailored to the unique demands of the nuclear energy industry. 

• Evaluate and recommend new security technologies and solutions to enhance defense capabilities. 

Risk Management & Assessment:  

• Conduct comprehensive cybersecurity risk assessments for IT and OT systems, identifying vulnerabilities and potential threats. 

• Develop and implement risk mitigation strategies and controls in accordance with industry best practices and regulatory requirements (e.g., NRC, NIST, IEC 62443). 

• Lead vulnerability management programs, including penetration testing and security audits. 

Incident Response & Threat Intelligence:  

• Contribute to the development and execution of cybersecurity incident response plans, ensuring rapid detection, containment, and recovery from security incidents. 

• Stay abreast of the latest cybersecurity threats, vulnerabilities, and attack vectors relevant to critical infrastructure and industrial control systems (ICS). 

• Develop and implement threat intelligence frameworks to proactively identify and counter emerging risks. 

Regulatory Compliance & Audit:  

• Ensure strict compliance with all applicable cybersecurity regulations and standards pertinent to the nuclear energy industry (e.g., 10 CFR Part 73, NERC CIP, NIST CSF). 

• Prepare for and support regulatory audits and inspections, providing technical expertise and documentation. 

• Translate complex regulatory requirements into actionable technical controls and processes. 

Operational Technology (OT) Security:  

• Specialize in securing industrial control systems (ICS), SCADA systems, distributed control systems (DCS), and other OT environments. 

• Implement security solutions that maintain the availability, integrity, and confidentiality of OT systems without disrupting critical operations. 

• Develop secure remote access solutions for OT networks. 

Technical Leadership & Mentorship:  

• Provide expert technical guidance and mentorship to junior cybersecurity engineers and cross-functional teams. 

• Lead complex security projects and initiatives, driving them to successful completion. 

• Act as a subject matter expert and advocate for cybersecurity best practices across the organization. 

Vendor Management:  

• Evaluate and manage security vendors, ensuring their products and services meet the company's security requirements. 

Education and Experience:  

• Bachelor's Degree in Computer Science, Cybersecurity, or a related field. Master's degree preferred. 

• 10+ years of progressive experience in cybersecurity, with a strong focus on enterprise and operational technology (OT) security. 

• Minimum of 3+ years of direct experience in the nuclear energy industry or another highly regulated critical infrastructure sector (e.g., oil & gas, utilities, aerospace & defense). 

• Deep expertise in cybersecurity frameworks (NIST CSF, ISO 27001), regulatory compliance (e.g., NRC, NERC CIP), and industry standards (e.g., IEC 62443). 

• Proven experience in designing and implementing secure network architectures, access controls, and data protection mechanisms for complex environments. 

• Hands-on experience with security tools such as SIEM, EDR, IDS/IPS, firewalls, and vulnerability scanners. 

Skills:  

• Expertise in cybersecurity principles, technologies, and best practices across IT and OT domains. 

• Strong understanding of industrial control systems (ICS), SCADA, and critical infrastructure security. 

• Excellent analytical, problem-solving, and risk assessment abilities. 

• Exceptional written and verbal communication skills, with the ability to convey complex technical information to diverse audiences. 

• Strong leadership capabilities with a proven track record of influencing and driving security initiatives. 

• Relevant certifications (e.g., CISSP, CISM, GICSP, GRID, CCNA Cyber Ops). 

• Proficiency in scripting or programming languages (e.g., Python, PowerShell) for automation. 

Benefits:

• Competitive compensation packages
• 401k with company match
• Medical, dental, vision plans
• Generous vacation policy, plus holidays
• Annual company retreats

Estimated Starting Salary Range: 

The estimated starting salary range for this role is $198,000 - $228,000 annually less applicable withholdings and deductions, paid on a semi-monthly basis.  The actual salary offered may vary based on relevant factors as determined in the Company’s discretion, which may include experience, qualifications, tenure, skill set, availability of qualified candidates, geographic location, certifications held, and other criteria deemed pertinent to the particular role. 

EEO Statement:

The Nuclear Company is an equal opportunity employer committed to fostering an environment of inclusion in the workplace. We provide equal employment opportunities to all qualified applicants and employees without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, veteran status, or any other protected characteristic. We prohibit discrimination in all aspects of employment, including hiring, promotion, demotion, transfer, compensation, and termination.