Cybersecurity Engineer, Senior Manager

At Two Six Technologies, we build, deploy, and implement innovative products that solve the world’s most complex challenges today. Through unrivaled collaboration and unwavering trust, we push the boundaries of what’s possible to empower our team and support our customers in building a safer global future.

Cybersecurity Engineer, Senior Manager

Two Six Technologies is seeking a visionary Cybersecurity Engineer, Senior Manager to architect, build, and defend the highly secure environments that power our advanced R&D initiatives. We are looking for a true security architect who can seamlessly bridge the gap between rigorous government security frameworks (NIST, STIGs, CMMC) and complex operational engineering. In this role, you will lead the strategic design of our secure infrastructure, guide DevSecOps integration across software projects, and engineer pragmatic, intent-based security solutions. If you excel at deconflicting stringent compliance mandates with real-world engineering challenges, and thrive in a role that spans infrastructure defense, network architecture, and application security, we want you to lead our team.

Preferable locations are San Antonio TX and Arlington VA. The role is considered hybrid, and would require at least 3 days a week in the office at either location.

Key Responsibilities

• Strategic Security Architecture: Architect custom security solutions that deconflict stringent government compliance requirements with critical operational needs. Move beyond standard "box checking" to design risk-optimized, tailored controls.
• Intent-Based Engineering: Engineer alternative technical solutions when literal remediation causes operational failure. Leverage deep system knowledge and industry best practices to meet the core security intent of a framework while maintaining system functionality.
• Design & Implementation: Lead the hands-on technical development, configuration, and deployment of secure IT infrastructure and custom security tools, ensuring all architectures are defensible during an audit.
• Threat Defense & Mitigation Strategy: Develop high-level strategies, playbooks, and architectures for threat detection and incident response. Oversee the vulnerability mitigation lifecycle, guiding the team's efforts so that day-to-day monitoring is handled by staff while the Lead focuses on proactive, structural defense improvements.
• Collaborative Security: Partner with development and IT teams to seamlessly integrate security and compliance into CI/CD pipelines and software development lifecycles while supporting innovation.
• Team Leadership & Mentorship: Direct a small team of security professionals across multiple projects. Mentor junior team members on how to balance strict compliance auditing with pragmatic, operational engineering solutions.

Required Skills & Qualifications

• Education: Bachelor’s degree in Computer Science, Cybersecurity, Information Security, or comparable experience.
• Leadership: Experience managing small interactive teams.  Candidates will be required to task junior reports, and should have strong mentorship skills.
• Strategic Risk & Compliance Mastery: Deep understanding of NIST 800-171, NIST 800-53b, CMMC, and DISA STIGs. Proven ability to interpret the underlying risk objective of a control to engineer solutions that satisfy auditors without breaking operations.
• Advanced Systems Expertise: Deep technical mastery of operating systems (primarily RHEL/Linux). Must possess the system-level knowledge (e.g., Linux internals, process management) required to design custom, defensible security configurations backed by vendor documentation when standard STIG guidance is insufficient.
• Operational Deconfliction: A highly analytical mindset with a track record of identifying conflicts between security mandates and operational uptime, and successfully architecting "semi-custom" solutions that keep risk to an acceptable minimum.
• Network Security Architecture: Strong architectural understanding of secure network paradigms (e.g., Zero Trust, macro/micro-segmentation) and fundamentals. Ability to guide the implementation of complex boundary defenses and validate network security controls.
• Application Security & Code Analysis: High technical competency in application security principles. Must be capable of analyzing SAST tool outputs, architecting defensible arguments for false positives to present to customers, and providing strategic guidance to developers on resolving legitimate vulnerabilities.
• Security Automation: Strategic approach to automating repetitive security operations using scripting and CI/CD pipelines. Proven ability to build self-sustaining security workflows that free up engineering staff to focus on high-complexity problems.
• Clearance:  Eligibility to obtain and maintain a security clearance up to TS/SCI. 

Preferred Experience

• Advanced Code Review: Practical experience reading, reviewing, and defending SAST findings in compiled languages such as Java, Golang, or C and/or interpreted languages like Python or NodeJS.
• DevSecOps & Containerization: Hands-on experience architecting secure CI/CD pipelines and software development workflows utilizing platforms like Jenkins, GitHub, or GitLab. Familiarity with securing OCI-compliant container ecosystems (e.g., Docker) is highly desirable.
• Virtualization & Cloud Architecture: Experience securing, architecting, or managing hyperconverged virtual infrastructure (specifically VMware or Proxmox) and/or cloud-native enterprise environments (e.g., AWS).
• Enterprise Boundary Defense: Practical experience engineering, deploying, or migrating advanced enterprise firewall and network security solutions (e.g., Fortinet).
• Specialized Enclaves & R&D Networks: Proven experience designing, auditing, or managing compliance for research and development (R&D) environments, specifically involving the creation or maintenance of CMMC Level 2 compliant networks.
• AI Security Oversight: Experience implementing security guardrails for teams using AI-assisted coding tools (e.g., Cursor, GitHub Copilot, Gemini).
• Automated Compliance: Ability to translate security mandates into Policy-as-Code to ensure rapid, AI-generated deployments remain compliant with NIST/CMMC frameworks.
• AI Risk Assessment: Practical understanding of the OWASP Top 10 for LLMs and how to mitigate risks related to prompt injection and AI-generated code vulnerabilities.
• Clearance:  Active TS/SCI clearance

Clearance Requirements:

• This position requires eligibility to obtain and maintain a security clearance up to TS/SCI

#LI-MS1

#Hybrid