Northwood Space
Senior Security Engineer (Gov/Space)
Northwood Space, Torrance, California, United States, 90504
About Northwood:
Northwood is on a mission to transform connectivity between earth and space and bring the benefits of space to the masses through innovations in space communications technologies. If you like building quickly and seeing your work deployed in locations around the globe with real impact, we want you at Northwood.
Role:
Northwood is looking for a Senior Security Engineer to help us build and secure our global space communications network. As we rapidly scale our operations and establish ground stations around the world, we need someone who can design robust security frameworks while ensuring we meet all government compliance requirements.
You'll be responsible for securing everything from our ground stations to our network operations, with a focus on NIST 800-171, CUI handling, and FedRAMP compliance. This role will have significant impact on our security posture as we grow, and you'll collaborate closely with external vendors and internal teams across engineering, network operations, legal, and compliance. We're seeking someone with experience securing complex, mission-critical systems in regulated environments.
Responsibilities:
Architect and implement defensive security controls for cloud, production, and corporate environments
Deploy and manage enterprise SIEM solutions to aggregate audit data and security logs across all systems and endpoints
Collaborate with cross-functional teams including engineering, network operations, policy, legal, and compliance
Design and implement security architectures for space communication systems and ground stations with adherence to NIST 800-171 and FedRAMP requirements
Establish and maintain CUI handling procedures for government contract requirements
Lead incident response efforts and threat hunting while maintaining detailed audit trails for compliance reporting
Basic Qualifications: 5+ years of hands-on experience with infrastructure as code in production environments
Experience conducting security architecture or design reviews around custom business applications, particularly in regulated environments
Knowledge of NIST 800-171 controls, CUI handling requirements, and FedRAMP compliance frameworks
Experience with infrastructure as code languages (Terraform, AWS CDK) in a production capacity and familiarity with one or more general purpose programming languages (Python, Go, Rust, etc)
Ability to develop and maintain systems in government cloud environments (AWS GovCloud, Azure Government) and deploy code through CI/CD pipelines
Experience developing and implementing defensive controls around endpoint and SaaS applications
Preferred Qualifications: Experience building high volume log ingestion and storage pipelines for compliance and audit purposes
Ability to work autonomously and take ownership of complex security projects with compliance requirements
Hands-on experience with AWS GovCloud, Azure Government, or GCP security ecosystem and tooling
Experience with enterprise SIEM platforms (Splunk, QRadar, Sentinel) and endpoint security solutions (CrowdStrike, SentinelOne)
Strong experience with Linux operating systems in production environments
Knowledge of government contracting security requirements and DFARS compliance
#J-18808-Ljbffr
Deploy and manage enterprise SIEM solutions to aggregate audit data and security logs across all systems and endpoints
Collaborate with cross-functional teams including engineering, network operations, policy, legal, and compliance
Design and implement security architectures for space communication systems and ground stations with adherence to NIST 800-171 and FedRAMP requirements
Establish and maintain CUI handling procedures for government contract requirements
Lead incident response efforts and threat hunting while maintaining detailed audit trails for compliance reporting
Basic Qualifications: 5+ years of hands-on experience with infrastructure as code in production environments
Experience conducting security architecture or design reviews around custom business applications, particularly in regulated environments
Knowledge of NIST 800-171 controls, CUI handling requirements, and FedRAMP compliance frameworks
Experience with infrastructure as code languages (Terraform, AWS CDK) in a production capacity and familiarity with one or more general purpose programming languages (Python, Go, Rust, etc)
Ability to develop and maintain systems in government cloud environments (AWS GovCloud, Azure Government) and deploy code through CI/CD pipelines
Experience developing and implementing defensive controls around endpoint and SaaS applications
Preferred Qualifications: Experience building high volume log ingestion and storage pipelines for compliance and audit purposes
Ability to work autonomously and take ownership of complex security projects with compliance requirements
Hands-on experience with AWS GovCloud, Azure Government, or GCP security ecosystem and tooling
Experience with enterprise SIEM platforms (Splunk, QRadar, Sentinel) and endpoint security solutions (CrowdStrike, SentinelOne)
Strong experience with Linux operating systems in production environments
Knowledge of government contracting security requirements and DFARS compliance
#J-18808-Ljbffr