SecOps Engineer

Remote Full-time



⚡️ Why Altium?
Altium is transforming the way electronics are designed and built. From startups to world’s technology giants, our digital platforms give more power to PCB designers, supply chain, and manufacturing, letting them collaborate as never before.

Constant innovation has created a transformative technology, unique in its space
More than 30,000 companies and 100,000 electronics engineers worldwide use Altium
We are growing, debt-free, and financially strong, with the resources to become #1 in the EDA industry
Why Duro?
Duro is building the GitHub for Hardware teams. As now a part of the Altium product portfolio, we’re revolutionizing Product Lifecycle Management (PLM) for companies in space tech, robotics, IoT, and commercial manufacturing. Our platform empowers hardware teams to move with agility, make timely decisions, and build disruptive products.
Our culture is built on: Trust, Autonomy, Experimentation, and Empathy. We deploy daily. We run 3-week cycles (2 weeks building + 1 week polish). We’re Linear stans, leveraging their AI agents to automate bug discovery and fixes. We measure everything through PostHog—feature flags, session replays, and product analytics all in one.About the role:
Duro’s customers build satellites, drones, defense systems, and critical infrastructure. They operate under some of the most demanding security and compliance frameworks in the world—and they expect their PLM platform to meet them where they are. This role exists to make sure we do.
As SecOps, you’ll be the single point of authority for security and compliance across Duro. This is not a back-office compliance role. You’ll be customer-facing—fielding tough questions from security teams at defense contractors, government agencies, and aerospace companies who believe they know the standards as well as you do. Your job is to know them better. To understand not just what the controls require, but why they exist, how they’ve evolved, and how Duro’s architecture satisfies them.
You’ll own our compliance posture across SOC 2, NIST 800-171, NIST 800-53, CMMC, FedRAMP, ITAR, and GDPR. You’ll manage our evidence locker in SecureFrame, work with DevOps on infrastructure security in AWS GovCloud, coordinate with vendors, and represent Duro and Altium as a trusted security authority in every customer conversation.
A day in the life of our SecOps Engineer:

Review and respond to customer security questionnaires, vendor assessments, and RFP security sections—often from defense, aerospace, and government customers with deep domain knowledge and high expectations
Join customer calls as Duro’s security authority—fielding technical questions on data handling, encryption, access controls, and compliance posture, and confidently addressing pushback with precise knowledge of the standards
Maintain and evolve our compliance programs across SOC 2 Type II, NIST 800-171, NIST 800-53, CMMC, FedRAMP, ITAR, and GDPR—not as a checkbox exercise, but as a living practice that adapts as frameworks evolve
Manage our evidence locker in SecureFrame—ensuring continuous readiness for audits, mapping controls to evidence, and keeping documentation current as our product and infrastructure change
Collaborate with DevOps on infrastructure security decisions: encryption at rest and in transit, network segmentation, access management, logging, and monitoring across AWS and GovCloud environments
Own the classification and handling of sensitive data—PII, CUI, ITAR-controlled technical data—ensuring our policies, systems, and team practices align with regulatory requirements
Evaluate and manage security vendors and third-party tools, reviewing SOC 2 reports, conducting risk assessments, and ensuring our supply chain meets the same standards we hold ourselves to
Drive security awareness across the organization—training engineering teams on secure development practices, data handling policies, and incident response procedures
Lead incident response planning and execution, including tabletop exercises, post-incident reviews, and continuous improvement of our response playbooks
Delegate and coordinate across teams—you’re not doing everything yourself, but you’re accountable for ensuring it gets done right, whether that’s a DevOps engineer implementing a control or a product manager understanding an ITAR restriction

Who We’re Looking For:

10+ years of experience in information security, security operations, or compliance—with direct experience in defense, aerospace, or government-adjacent industries
Deep, expert-level knowledge of SOC 2, NIST 800-171/800-53, CMMC, FedRAMP, ITAR, and GDPR—not just the controls, but the intent behind them and how they’ve evolved
Hands-on experience with compliance platforms like SecureFrame, Vanta, or Drata—including evidence management, continuous monitoring, and audit preparation
Strong understanding of cloud infrastructure security—particularly AWS and GovCloud environments, encryption at rest and in transit, IAM, VPC design, and logging/monitoring
Experience with data classification and handling—PII, CUI, ITAR-controlled data—and the ability to translate regulatory requirements into practical engineering guidance
Exceptional communication skills—you can explain a NIST control to a C-suite executive, defend your compliance posture to a DoD security auditor, and help an engineer understand why a particular data flow needs to change
A customer-facing presence—you’re comfortable in high-stakes conversations where customers challenge your security posture, and you respond with authority, precision, and patience
Ability to delegate and coordinate across engineering, DevOps, product, and external vendors—you own the outcomes, but you build through others

How We Think About Security
Security at Duro isn’t a department—it’s a commitment that runs through everything we build. Our customers trust us with their most sensitive product data: designs for defense systems, satellite components, and critical infrastructure. That trust is earned through competence, transparency, and rigor.
We use AI extensively in how we build software—every engineer runs Claude Code as their primary development environment. As our security leader, you’ll help define the guardrails for how AI is used responsibly within our development workflows, ensuring that our velocity never comes at the expense of our security posture.
We don’t want someone who recites frameworks. We want someone who understands the threat landscape our customers operate in, can anticipate where the standards are headed, and builds a security practice that stays ahead of both.
Nice to Have

Relevant certifications: CISSP, CISM, CISA, CompTIA Security+, or CMMC Registered Practitioner (RP)
Experience with PLM, PDM, or hardware/manufacturing industry software
Background in achieving or maintaining FedRAMP authorization
Experience building a security program from the ground up at a startup or mid-size company
Familiarity with secure software development lifecycle (SSDLC) practices
Experience with penetration testing coordination and remediation management
Knowledge of export control regulations beyond ITAR (EAR, OFAC)

The salary range for this role is $190,000 to $230,000 annually. Actual compensation packages within this range are based on a wide array of factors unique to each candidate and role requirements, including but not limited to skill set, years and depth of experience, certifications, and specific location.
Our Benefits

Medical, Dental, Vision Plans and HSA and FSA accounts
❤️ Basic Life and AD&D insurance; disability coverage where applicable
Retirement 401(k) Plan Option with Altium match
Employee Assistance Program
Paid holidays plus a “Choice Day” off per quarter
✈️ Paid time-off on arising schedule upon key milestones
Sick time for Dr. appointments or family health needs
Family medical, maternity, paternity, and military leave
Flexible working arrangements available based on role and location
Employee referral program
Remote working abroad program
Professional development support and resources
Free lunch, snacks, and drinks in the office
Free parking
Also, we would like you to know
We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender, gender identity or expression, or veteran status. We are proud to be an equal opportunity workplace.
Learn more about why a career at Altium is an opportunity like no other: https://www.youtube.com/watch'v=cAYCOLpPLPE
✈️ Altium Benefits: https://careers.altium.com/#s-benefits
Are you already an Altium employee? Please apply directly through our internal Greenhouse job board. If you have questions, please contact HR.

Apply Now

Apply Now →

Similar Jobs

Experienced Registered Behavior Technician for In-Home ABA Therapy - Atlanta, GA

Remote

Immediate Hiring: Experienced Registered Behavioral Technician (RBT) for Clinic-Based ABA Therapy Services

Remote

Experienced Registered Behavioral Technician (RBT) - ABA Therapy for Children with Autism Spectrum Disorder

Remote

Experienced Registered Nurse - Telehealth: Providing Remote Care Coordination and Patient Support

Remote

Experienced Substitute Teacher for Riverside County Schools - Join Scoot Education's Innovative Team

Remote

Experienced Substitute Teacher for San Bernardino County - Flexible Schedules & Competitive Pay

Remote

Experienced School Year Instructional Coach for High-Dosage Tutoring Programs in Edgewater Park, NJ

Remote

Experienced School Year Tutor for K-8 Students in Math and Literacy - Mickleton, NJ

Remote

Experienced Secondary Social Studies Teacher for Kansas - Flexible Hybrid Remote Arrangement

Remote

USPS Office Helper

Remote

Amazon Online Chat Associate – Full-Time Remote | $25–$35/Hour

Remote

Ikea Retail Kitchens Project Specialist Atlanta, GA

Remote

Travel & Expense Administrator

Remote

Math Olympiad Coach - Part-Time, gt.school (Remote) - $37,500/year USD

Remote

Revenue Cycle Report Writer (100% Remote)

Remote

SSR Fullstack /NET / Vue/js Developer - LATAM

Remote

Site of Care Support Representative – Work From Home

Remote

Walmart Jobs (Remote) $40/H - Job Vacancy

Remote

[Remote-Position] HR Executive (Remote) - VacancyGlobal

Remote

[Hiring] Registered Dietitian Clinical Research @Professional Case Management

Remote
← Back