IT Engineer

We’re seeking a skilled IT Engineer to secure and scale the internal infrastructure that powers our mission-critical work.
Spear AI is a growing defense contracting company dedicated to delivering cutting-edge solutions that support our nation’s security. As we expand, we’re building a culture where innovation meets mission-critical work. We operate with a flat organizational structure that empowers every team member to make an impact, collaborate directly with leadership, and contribute to projects that matter. Whether you’re joining our Hardware, Software, or Services division, you’ll work alongside talented professionals who are committed to excellence and advancing the capabilities that keep our nation safe and secure.
Spear AI builds sonobuoy sensors that are deployed into the water and collect edge data. We also work with the U.S. Navy to collect and process their SONAR data. You’ll have an opportunity to work on real-world projects that directly impact warfighter capabilities and mission success.

We’re a small team wearing many hats, and you’d have a wide variety of responsibilities that include:

• Administer Google Workspace, manage Identity Provider (IdP), and set up SSO.

• Manage device enrollment and device scripting in Iru/Kandji.

• Author, maintain, and audit internal security policies and procedures.

• Enforce CMMC 2.0 Level 2 and NIST security frameworks with Vanta.

• Safeguard credentials and secrets across the team using 1Password.

• Harden AWS account security, IAM policies, and role-based access controls.

• Secure network access using Tailscale VPN.

• Develop Infrastructure as Code using Pulumi alongside the infrastructure team.

• Investigate security incidents and conduct routine vulnerability assessments.

We’re looking for someone with strong IT Engineering skills who shares our most important values:

• You’re fanatical about polish. Every detail matters. You love to make sure your configurations are documented, policies are enforced, and nothing slips through the cracks.

• You care about correctness. You take pride in the fact that the systems and policies you put in place are airtight and auditable.

• You obsess over security. You’re always thinking about the attack surface and how to reduce it without making engineers miserable.

• You dive deep. It’s important for you to really know how things work. You read the spec, not just the summary.

• You live on the bleeding edge. You’ve got a long list of upcoming platform features you’re excited about and can’t wait for the next nightly to drop.

• You’re a great teacher. You know how to communicate security requirements to engineers in a way that makes sense and gets buy-in.

• We ship — We don’t work on 18-month projects that are irrelevant before they’re even finished.

• Our work has impact — We build products that are deployed to U.S. submarines and integrate with the sonobuoys we manufacture.

• We’re growing responsibly — We have the resources to hire a lot more people, but we don’t want to build a massive team of people who don’t share our values.

• We’re remote — Work from wherever you want. We collaborate in real time on Slack or asynchronously via GitHub.

• We’re profitable — We aren’t burning through cash trying to make the business work. But we also have investors who believe in us and are committed to our success.

• We care about doing great work — You don’t need permission to sweat the details here.

• We don’t take ourselves too seriously — We’re building products that make the world safer. But we don’t let that get to our heads.

• Hands-on experience with CMMC, FedRAMP, or NIST 800-171 compliance frameworks.

• Experience writing and maintaining security policies and procedures.

• Experience with MDM platforms such as Kandji, Jamf, or similar.

• Experience administering Google Workspace at an organizational level.

• Experience managing SSO and IdP solutions such as Authentik, Okta, or Google Identity.

• Proficiency with AWS IAM, security groups, and access management.

• Experience with security and compliance platforms such as Vanta, Drata, or Tugboat Logic.

• Experience with secrets management tools such as 1Password or HashiCorp Vault.

• Experience managing and securing macOS, Linux, and Windows endpoints.

• Experience configuring and managing VPN solutions.

• Experience working in a defense contracting or government-adjacent environment.

• Familiarity with Pulumi or other Infrastructure as Code tools.

• Proficiency in bash/shell scripting and Python.

• Unlimited PTO — Take the time you need to recharge and maintain work-life balance.

• Dedicated sick time — Your health and well-being come first.

• Comprehensive health and benefits – Medical, dental, and vision coverage to keep you and your family protected.

• 11 Paid Holidays — Enjoy time off throughout the year to celebrate and spend time with loved ones.

• Professional development — Educational opportunities and resources to help you grow your skills and advance your career.

• Collaborative environment — Work directly with leadership in our flat organizational structure, where your ideas and contributions matter.

• Mission-driven work — Contribute to projects that directly support national security and make a real-world impact.

• Growth opportunities — Join us during an exciting expansion phase where you can help shape our future.

• 401(k) with company match.

• Onsite / Remote / Flexible work arrangements or hybrid options (position dependent).

• Relocation assistance (position dependent).

• Referral bonuses.

• Performance bonuses.

• Life insurance and disability coverage.

• Technology home office setup stipend.

• Professional certification reimbursement (position dependent).

We offer competitive compensation tailored to your experience, location, and the impact you’ll make. We’re committed to equitable pay and will share a range aligned to your level and geography during the hiring process. In accordance with state law, candidates in jurisdictions such as CA, CO, WA, NY, and others, where applicable, will be provided a good-faith salary range upon request and throughout the hiring process. This is a full-time, exempt position under the Fair Labor Standards Act (FLSA) and is not eligible for overtime pay.
Compensation for this position is provided on a salaried basis and is not subject to reduction based on hours worked. At Spear AI, you’ll find more than just a job; you’ll join a mission-driven team where your work directly contributes to national security. Our flat organizational structure means your voice matters, your ideas reach leadership, and your impact is visible. As we grow, we’re committed to building robust processes and infrastructure that support both our mission and our people. We value collaboration, continuous improvement, and the expertise each team member brings to the table. If you’re looking for a place to grow professionally while working on projects that truly matter, we’d love to hear from you.