Principal Architect, Product Security

We are seeking a highly skilled and motivated Product Security Architect to join our team to help in securing next-generation satellite systems. Reporting to the Senior Manager, Product Security, you will be responsible for embedding security throughout the product lifecycle - from design and development to deployment and operations - ensuring the integrity, confidentiality, and availability of our space and ground-based assets.

• Threat Modeling & Risk Assessment: Conduct threat modeling and security risk assessments for satellite hardware, software, and communication systems

• Secure Design & Architecture: Collaborate with engineering teams to design secure systems, including onboard satellite software, ground control systems, and data links

• Vulnerability Management: Evaluate and support remediation efforts related to vulnerabilities in embedded systems, firmware, and satellite communication protocols

• Security Testing: Propose test use cases and review testing results, for assessments such as penetration testing, fuzzing, and static/dynamic code analysis on satellite and ground systems

• Compliance & Standards: Ensure compliance with industry standards/frameworks such as NIST, ISO 27001, and space-specific cybersecurity frameworks (e.g., CCSDS, CNSSI 1253)

• Incident Response: Create concept of operations for incident detection, analysis, and response to security events affecting satellite products

• Tooling & Automation: Ensure the software development lifecycle follows industry best practices and utilize appropriate security tools automating security checks

• Collaboration: Work cross-functionally with software, hardware, systems, and mission assurance teams to champion security best practices

• Bachelor’s or Master’s degree in Computer Science, Electrical Engineering, Cybersecurity, or a related field
• 10+ years of experience in product or embedded security architecture
• Experience in the aerospace or satellite industry
• Certifications such as CISSP, OSCP, CEH, or GIAC

• Strong understanding ofembedded systems security,real-time operating systems (RTOS), andsecure communications
• Knowledge ofspace system architectures, including satellite buses, payloads, and ground stations
• Extensive understanding of space industry general threat landscape
• Experience withsecurity tools(e.g., SAST, DAST, Splunk, etc.)
• Knowledge ofcybersecurity frameworks(e.g., NIST 800-53, ISO/IEC 27001).
• Familiarity withspace situational awareness (SSA)andanti-jamming/anti-spoofing techniques
• Experience withDevSecOpsin aerospace environments

• Work under minimum supervision