Lead Product Security Engineer

🕒 May 8

Apply Now
Find Similar Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Logo of Aalyria

Aalyria

51 - 200 employees

📡 Telecommunications

🏢 Enterprise

☁️ SaaS

Telecommunications • Enterprise • SaaS

Aalyria is a company dedicated to creating, organizing, and managing the world's most advanced networks to enable ubiquitous connectivity at the speed of discovery. It utilizes atmospheric laser communications technology and a software platform originally developed by Alphabet. Aalyria's platform orchestrates networks across land, sea, air, space, and beyond. Key technological components include Tightbeam, a free space optics technology, and Spacetime, a software platform for network orchestration. Aalyria is backed by significant investors and has engaged in various high-profile projects, including working with NASA and developing 5G/6G networking platforms.

📋 Description

• You'll be the technical voice of product security across Aalyria, reporting to the Director of Security & IT. • You'll own application security, CI/CD and supply-chain security, our Kubernetes-based product infrastructure, product-side authentication and PKI. • You'll partner closely with hardware engineering on Tightbeam. • Application & software security. SAST/DAST/SCA, secure SDLC, threat modeling, and software vulnerability management across our codebase. • CI/CD and supply-chain security. Hardening our GitLab pipelines, build provenance, dependency integrity, signing, and SLSA-aligned controls. • Product infrastructure security. GKE and Kubernetes hardening, container security, workload identity, network policy, and runtime protection. • Product PKI. Certificate lifecycle, issuance, rotation, and mTLS architecture across distributed services and remote assets. • Vulnerability management. Triage, prioritization, remediation tracking, and exception handling, for both disclosed upstream issues and internal findings. • Product incident response. Leading triage and response for product-side security incidents, coordinating with corporate IR, and driving post-mortems to action. • Product infra hardening. Baseline configurations, secure defaults, and compensating controls across product environments. • Hardware security partnership. Working with the Tightbeam team on firmware security, secure boot, key storage, and hardware supply-chain integrity.

🎯 Requirements

• Senior- or staff-level hands-on experience in product security or security engineering, with significant depth in software/AppSec. • Production experience securing cloud environments such as IAM, org policy, VPC Service Controls, KMS, and Kubernetes at depth. • Strong cryptographic foundations, PKI architecture, key management, signing, mTLS, and secrets handling at scale. • Hands-on coding ability in Python, Bash, and Go, you can write tooling, automate controls, and ship Terraform/scripts when the situation calls for it. • Comfort reviewing code is a plus. • A track record of building security programs, not just operating tools someone else stood up. • Experience leading product incident response, triage, response, coordination with engineering teams, customer comms, and post-mortem ownership. • A pattern of mentoring engineers and raising the security bar of teams around you, even without direct reports. • Experience interfacing with hardware/firmware teams, even if hardware isn't your primary domain. • Strong written communication, you'll write threat models, design docs, and program updates that go to the executives, customers, and assessors. • Working knowledge of the compliance frameworks that govern our environment such as CMMC, FedRAMP, and DFARS along with the ability to translate controls into engineering work.

🏖️ Benefits

• Innovative Environment: Work at a cutting-edge company shaping the future of aerospace communications. • Impactful Work: Directly contribute to critical national security programs and initiatives. • Growth Opportunities: Expand your career with opportunities for professional development and advancement. • Inclusive Culture: Be part of a collaborative, supportive, and inclusive workplace where your contributions matter. • Flexibility: Flexible working arrangements including hybrid remote/in-office schedules.

Apply Now

Similar Jobs

🕒 May 7

Salesloft

501 - 1000

🤝 B2B

☁️ SaaS

⚡ Productivity

Manager of Security Engineering and Operations at Clari + Salesloft, leading the information security team. Responsible for building and mentoring security analysts and engineers while ensuring security integration in operations.

AWS

Docker

Google Cloud Platform

Kubernetes

Linux

Postgres

🕒 May 7

DoorDash

10,000+ employees

🛍️ eCommerce

🚗 Transport

Security Engineer responsible for investigating insider threats and mitigating risks at DoorDash. Analyzing threat data and collaborating with multiple teams to enhance security measures.

Cloud

SQL

🕒 May 7

Entrust

1001 - 5000

🔒 Cybersecurity

💸 Finance

🏛️ Government

Join Entrust as a Compliance Manager leading Data Security Services projects and assessments. Ensure compliance with industry standards and implement strategies to mitigate risks.

🕒 May 6

LMI

1001 - 5000

🤖 Artificial Intelligence

⚕️ Healthcare Insurance

🏛️ Government

Information Systems Security Manager overseeing cybersecurity compliance for the LIGER AI platform at U.S. Customs and Border Protection. Leading authorization and monitoring activities within federal environments.

AWS

Cloud

Cyber Security

🕒 May 6

LMI

1001 - 5000

🤖 Artificial Intelligence

⚕️ Healthcare Insurance

🏛️ Government

Cybersecurity Engineer ensuring secure deployment and continuous authorization of LIGER for federal missions. Collaborate with platform engineers and CBP security team in a fast-paced environment.

AWS

Cloud

Cyber Security