Cybersecurity Engineer - Compliance

About Dynamo AI

Dynamo AI is building the future of trustworthy AI for the enterprise. Our platform provides real-time guardrails, red-teaming, and observability for generative and agentic AI systems -- ensuring safe, compliant, and reliable deployments across regulated sectors such as financial services, insurance, healthcare and government.

We’re backed by leading partners and rapidly expanding with some of the world’s most sophisticated enterprises. 

Job Summary

We are seeking adedicated Security Engineerto serve as the primary owner of security controls, documentation, and compliance activities within the organization. This role combines hands-on technical work, compliance oversight, and process integration, similar in scope to aDevSecOps-style security function. The Security Engineer will ensure alignment withNIST SP 800-171requirements and a formalInformation Security Management System (ISMS)framework (ISO/IEC 27001 or equivalent), supporting the secure handling of Controlled Unclassified Information (CUI) and sensitive data.

Note: due to the scope of the work, we require the role to have US citizenship.

Key Responsibilities

• Serve as theday-to-day security lead, implementing and maintaining technical systems and procedural controls that meet NIST 800-171 and ISMS requirements.
  Refine and maintaincompliance documentationfor federal and highly regulated customers.
• Supportinternal and external audits, providing documentation, technical evidence, and subject matter expertise.
• Conductsecuritygap analyses, risk assessments, and continuous monitoringto validate compliance and security posture.
• Drive security initiativeswith SWE, DevOps and Ops teams to integrate security into infra, software, operations and workflows.
• Monitor, detect, and respond to security events following established incident response processes, while continuously improving playbooks and controls.
• Stay current with evolving FAR, NIST, and ISMS requirements, recommending and implementing control and process enhancements.

Required Skills & Qualifications

• 4+ years of professional experiencein cybersecurity engineering, compliance, or security operations. 
• Hands-on experience preparing for and supporting CMMC, NIST SP 800-171 audits
• Demonstrated knowledge of CMMC, NIST 800-171 requirements, including safeguarding CUI and classified data.
• Familiarity with ISMS frameworks such asISO/IEC 27001, with experience mapping and integrating compliance requirements.
• Strong hands-on skills in security operations, including vulnerability management, access control, incident response, and system hardening.
• Proventechnical writing and documentation skills, including authoring and reviewing compliance artifacts (SSPs, SoAs, POA&Ms, standards).
• Ability to enforce security standards and hold cross-functional teams accountable to defined policies.
• Certifications: Security+ and CySA+; advanced certifications such as CISSP, CISM, CISA, CMMC Certified Professional (CCP) or Certified Assessor (CCA), and ISO 27001 Lead Implementer/Auditor
• Strong communication skills with the ability to work effectively across technical, compliance, and leadership teams.

Preferred Experience

• Prior work supportingfederal contractorsor organizations managing CUI/sensitive data.
• Experience withcontinuous monitoring platformsandautomated compliance dashboards.
• Exposure toformal ISMS auditsand external regulatory assessments.