About RuneRune Technologies is here to revolutionize the status quo of military logistics and sustainment through the deployment of AI-enabled solutions. Combining elite Silicon Valley software expertise with deep operational experience working in and with the Department of Defense, Rune builds cutting-edge software to solve the most critical logistics challenges faced by the U.S. military and its allies. Rune’s flagship product is TyrOS, an advanced software platform to enhance logistics at tactical and operational echelons, providing unified, comprehensive management of inventory, personnel, equipment and distribution. TyrOS integrates critical information for holistic, data-driven logistics decisions, leveraging AI for decision support, predictive analytics and optimization at machine speed. Rune’s mission is to support and enable the military logistics and sustainment communities with software to meet needs for the next fight.About the RoleWe are seeking an Information Systems Security Engineer (ISSE) to own and drive the security posture of Rune’s platforms across classified and unclassified environments.In this role, you will operate at the intersection of software engineering, cybersecurity, and mission deployment—ensuring our systems meet stringent DoD security requirements while remaining fast, scalable, and usable in real-world operational environments.You will work closely with engineering, product, and mission teams to embed security directly into our systems—from architecture through deployment—while navigating the realities of classified, air-gapped, and edge environments.This is a high-ownership role for someone who can balance security rigor with execution speed.What You’ll DoOwn the end-to-end security posture of Rune systems across development, deployment, and sustainmentAutomate vulnerability scanning and document generation processes with CI/CD, scripting and/or AI toolsLead and execute RMF (Risk Management Framework) processes, including system categorization, control selection, assessment, authorization, and continuous monitoringDevelop and maintain security artifacts (e.g., SSPs, POA&Ms, control matrices) to support Authority to Operate (ATO)Tailor and implement NIST 800-53 controls and ensure compliance across cloud, edge, and air-gapped environmentsPartner with engineering teams to integrate secure design principles and DevSecOps practices into the software development lifecycleConduct vulnerability assessments, security scans, and risk analyses, and drive remediation effortsTranslate commercial technology standards into classified and operational environmentsCollaborate with Information System Owners, government stakeholders, and accrediting authorities to meet mission and compliance requirementsSupport deployment of secure systems in real-world environments, including field testing and operational validationAdvise on security architecture, threat modeling, and secure coding practices across the platformContinuously improve monitoring, automation, and tooling to reduce accreditation and compliance overheadRequired QualificationsActive U.S. Secret clearance (Top Secret preferred)3–6+ years of experience in cybersecurity, ISSE, ISSO, or related roles supporting DoD or classified systemsStrong understanding of RMF, NIST SP 800-53, and DoD cybersecurity frameworksExperience supporting ATO processes and developing security documentation (SSP, POA&M, etc.)Familiarity with security assessment tools (e.g., Nessus, STIGs, vulnerability scanners)Working knowledge of software systems and infrastructure (cloud, networking, or embedded systems)Experience with at least one programming or scripting language (e.g., Python, Go, C++)Ability to operate in fast-paced, ambiguous environments with high ownership and accountabilityStrong communication skills and ability to work directly with technical and non-technical stakeholdersDesired QualificationsActive Top Secret clearanceExperience securing edge systems, distributed platforms, or mission-critical defense softwareFamiliarity with DevSecOps pipelines and CI/CD security integrationKnowledge of JSIG, NISPOM, or additional DoD/IC security frameworksExperience with Zero Trust architectures or cross-domain solutionsBackground in defense, aerospace, or operational military environmentsExperience deploying systems into classified or disconnected (air-gapped) environmentsBenefitsRune offers top-tier benefits for full-time employees to include a full suite of insurance options at no cost for employees and low-cost to spouses and dependents. Highly competitive equity grants are also included in the majority of full time offers and are considered part of Rune's total compensation package. Benefits include:Comprehensive medical, dental, and vision plans; premiums 100% covered by Rune for all employees; exceptionally low premiums for spouses and dependentsBasic life insurance and disability 100% covered for all employees by Rune; option to purchase additional life insurance available‘Take the time off that you need, when you need it’ paid time off, not accrual basedGenerous company holiday calendar including a holiday shutdown in DecemberSupportive leave of absence program including time off for military service, medical events, and parental leaveFull 401(k) retirement plan for all full-time eligible employeesCompany-funded commuter benefitsFree access to on-site gym at office