Lead Product Security Engineer

🕒 vor 1 Monat

Jetzt Bewerben

Ähnliche Remote-Jobs finden

E-Mails für Remote-Jobs erhalten

📊 Überprüfen Sie Ihre Lebenslauf-Bewertung für diese Stelle

Verbessern Sie Ihre Chancen auf ein Vorstellungsgespräch, indem Sie Ihre Lebenslauf-Bewertung vor der Bewerbung überprüfen.

Lebenslauf hochladen

Aalyria

WebsiteLinkedInAlle Stellen

51 - 200 Mitarbeiter

📡 Telekommunikation

🏢 Unternehmen

☁️ SaaS

Telecommunications • Enterprise • SaaS

Aalyria ist ein Raum- und Kommunikationstechnologieunternehmen, das planetare Netzwerke erstellt, organisiert und verwaltet, indem es atmosphärische kohärente Freiraum-Laserkommunikation (Tightbeam) mit einer KI-gesteuerten Netzwerkorchestrierungssoftware-Plattform (Spacetime) kombiniert. Das Unternehmen ermöglicht Multi-Domain-, Multi-Orbit-Konnektivität über Land, See, Luft und Weltraum – unterstützt Satellitenkonstellationen, 5G/NTN-Architekturen und hybride Netzwerke – und arbeitet mit kommerziellen und staatlichen Partnern zusammen, um Hard- und Software für widerstandsfähige, hochkapazitative Kommunikation bereitzustellen.

Beschreibung

• You'll be the technical voice of product security across Aalyria, reporting to the Director of Security & IT. • You'll own application security, CI/CD and supply-chain security, our Kubernetes-based product infrastructure, product-side authentication and PKI. • You'll partner closely with hardware engineering on Tightbeam. • Application & software security. SAST/DAST/SCA, secure SDLC, threat modeling, and software vulnerability management across our codebase. • CI/CD and supply-chain security. Hardening our GitLab pipelines, build provenance, dependency integrity, signing, and SLSA-aligned controls. • Product infrastructure security. GKE and Kubernetes hardening, container security, workload identity, network policy, and runtime protection. • Product PKI. Certificate lifecycle, issuance, rotation, and mTLS architecture across distributed services and remote assets. • Vulnerability management. Triage, prioritization, remediation tracking, and exception handling, for both disclosed upstream issues and internal findings. • Product incident response. Leading triage and response for product-side security incidents, coordinating with corporate IR, and driving post-mortems to action. • Product infra hardening. Baseline configurations, secure defaults, and compensating controls across product environments. • Hardware security partnership. Working with the Tightbeam team on firmware security, secure boot, key storage, and hardware supply-chain integrity.

🎯 Anforderungen

• Senior- or staff-level hands-on experience in product security or security engineering, with significant depth in software/AppSec. • Production experience securing cloud environments such as IAM, org policy, VPC Service Controls, KMS, and Kubernetes at depth. • Strong cryptographic foundations, PKI architecture, key management, signing, mTLS, and secrets handling at scale. • Hands-on coding ability in Python, Bash, and Go, you can write tooling, automate controls, and ship Terraform/scripts when the situation calls for it. • Comfort reviewing code is a plus. • A track record of building security programs, not just operating tools someone else stood up. • Experience leading product incident response, triage, response, coordination with engineering teams, customer comms, and post-mortem ownership. • A pattern of mentoring engineers and raising the security bar of teams around you, even without direct reports. • Experience interfacing with hardware/firmware teams, even if hardware isn't your primary domain. • Strong written communication, you'll write threat models, design docs, and program updates that go to the executives, customers, and assessors. • Working knowledge of the compliance frameworks that govern our environment such as CMMC, FedRAMP, and DFARS along with the ability to translate controls into engineering work.

🏖️ Vorteile

• Innovative Environment: Work at a cutting-edge company shaping the future of aerospace communications. • Impactful Work: Directly contribute to critical national security programs and initiatives. • Growth Opportunities: Expand your career with opportunities for professional development and advancement. • Inclusive Culture: Be part of a collaborative, supportive, and inclusive workplace where your contributions matter. • Flexibility: Flexible working arrangements including hybrid remote/in-office schedules.