Principal Software Engineer, Cryptography

Anduril Industries is a defense technology company with a mission to transform U.S. and allied military capabilities with advanced technology. By bringing the expertise, technology, and business model of the 21st century’s most innovative companies to the defense industry, Anduril is changing how military systems are designed, built and sold. Anduril’s family of systems is powered by Lattice OS, an AI-powered operating system that turns thousands of data streams into a realtime, 3D command and control center. As the world enters an era of strategic competition, Anduril is committed to bringing cutting-edge autonomy, AI, computer vision, sensor fusion, and networking technology to the military in months, not years. Team Overview The Platform Security Engineering (PSE) team builds security into Anduril's products from architecture through production. We work directly with business lines to design and implement security solutions tailored to their systems — then promote proven patterns into shared, composable platform services that the entire organization can use. Our mission is threefold: build security solutions for business lines, promote those solutions into the platform, and enable teams to build and operate securely on their own. The scope includes cryptographic protocol design, hardware root-of-trust architectures, secure communication for autonomous and robotic systems, operating system hardening, and distributed security infrastructure across embedded, edge, and cloud environments. Job Description We're looking for a principal-level engineer to serve as a technical leader for platform security across Anduril. This role combines deep expertise in cryptography, systems security, and secure architecture with the ability to drive security strategy across business lines and the platform. You'll own the design of Anduril's most critical security systems — cryptographic infrastructure for autonomous platforms, hardware root-of-trust architectures for robotic systems, secure communication protocols for contested environments — and you'll set the technical direction that shapes how security is built into every product. This is a role for someone who has designed and shipped security systems at the intersection of hardware, firmware, and software, and can lead others through complex technical decisions with lasting consequences. Key Responsibilities Own the technical vision and architecture for platform security across Anduril's product ecosystem Design cryptographic systems, protocols, and key management architectures for autonomous and robotic platforms operating in contested and disconnected environments Lead the design of hardware root-of-trust architectures integrating TPMs, TEEs, HSMs, and secure boot across diverse embedded platforms Drive the strategy for promoting business-line security implementations into shared, composable platform services Serve as the senior technical authority for security architecture reviews across the organization, providing definitive guidance on cryptographic design, protocol security, and system hardening Define security patterns, reference architectures, and engineering standards that enable teams across Anduril to build securely and independently Mentor and develop senior engineers on the team, raising the bar for security engineering across the organization Represent Anduril's security engineering capabilities to customers, partners, and auditors when deep technical credibility is required Evaluate emerging threats, cryptographic standards, and security technologies, driving adoption where they strengthen the platform Required Qualifications 12+ years of experience in software engineering, with significant depth in systems security and cryptography Expert-level knowledge of cryptographic protocol design, including key management architectures, certificate systems, and cryptographic agility Deep experience with hardware security: TPM, TEE, HSM, secure boot, and hardware root-of-trust design across multiple platform types Proficient in two or more of: C++, Rust, Go Experience designing security architectures for embedded, real-time, or robotic systems with constrained environments Track record of leading cross-organizational technical initiatives and driving architectural decisions that span multiple teams Strong ability to communicate complex security concepts to engineering leadership, product teams, and external stakeholders Experience performing and leading threat modeling, security architecture reviews, and cryptographic design reviews Eligible to obtain and maintain active U.S. Secret security clearance Preferred Qualifications Experience with post-quantum cryptography, distributed key generation (DKG), or threshold cryptographic schemes Background in defense, aerospace, or autonomous systems with exposure to FIPS 140, Common Criteria, or NSA CSfC requirements Experience designing secure communication protocols for autonomous platforms or mesh networks Deep knowledge of Linux kernel security, mandatory access controls (SELinux/AppArmor), and OS hardening at scale Experience building and evolving platform security services consumed by dozens of teams Familiarity with compliance frameworks (STIGs, NIST 800-53, CMMC) and translating them into engineering controls that don't compromise developer velocity Publications, patents, or recognized contributions in cryptography or systems security Experience with Nix build systems and reproducible build pipelines for security-critical software US Salary Range$254,000—$336,000 USD The salary range for this role is an estimate based on a wide range of compensation factors, inclusive of base salary only. Actual salary offer may vary based on (but not limited to) work experience, education and/or training, critical skills, and/or business considerations. Highly competitive equity grants are included in the majority of full time offers; and are considered part of Anduril's total compensation package. Additionally, Anduril offers top-tier benefits for full-time employees, including:    Benefits At Anduril, we invest in our people. Our comprehensive, competitive benefits package (available at little to no cost to employees) ensures you’re supported in health, recovery, and whatever comes next. For more information, https://www.anduril.com/careers.   Protecting Yourself from Recruitment Scams Anduril is committed to maintaining the integrity of our Talent acquisition process and the security of our candidates. We've observed a rise in sophisticated phishing and fraudulent schemes where individuals impersonate Anduril representatives, luring job seekers with false interviews or job offers. These scammers often attempt to extract payment or sensitive personal information. To ensure your safety and help you navigate your job search with confidence, please keep the following critical points in mind: No Financial Requests: Anduril will never solicit payment or demand personal financial details (such as banking information, credit card numbers, or social security numbers) at any stage of our hiring process. Our legitimate recruitment is entirely free for candidates. Please always verify communications: Direct from Anduril: If you receive an email from one of our recruiters, it will only come from an @anduril.com address. Via Agency Partner: If contacted by a recruiting agency for an Anduril role, their email will clearly identify their agency. If you suspect any suspicious activity, please verify the agency's authenticity by reaching out to mailto:contact@anduril.com.  Exercise Caution with Unsolicited Outreach: If you receive any communication that appears suspicious, contains grammatical errors, or makes unusual requests, do not engage. Always confirm the sender's email domain is @anduril.com before providing any personal information or clicking on links. What to Do If You Suspect Fraud: Should you encounter any questionable or fraudulent outreach claiming to be from Anduril, please report it immediately to mailto:contact@anduril.com. Your proactive caution is invaluable in protecting your personal information and upholding the security and trustworthiness of our recruitment efforts.   Data Privacy To view Anduril's candidate data privacy policy, please visit https://anduril.com/applicant-privacy-notice/.    By submitting your application, you consent to Anduril Industries using a third-party service provider to conduct pre-employment risk, integrity, and due diligence screening and assessing potential risks as part of your application process. This third-party service provider provides risk-intelligence services that may include analysis of sanctions and watchlists, adverse media, public-record information, and other lawful open-source or commercial data sources. This third-party service provider does not act as a consumer reporting agency. Use of this provider helps to ensure compliance with applicable laws and protect technology, intellectual property, and organizational security. Offices: Costa Mesa, California, United States (Costa Mesa, CA (HQ));