Principal Architect, Product Security

We are seeking a highly skilled and motivated Product Security Architect to join our team to help in securing next-generation satellite systems. Reporting to the Senior Manager, Product Security, you will be responsible for embedding security throughout the product lifecycle - from design and development to deployment and operations - ensuring the integrity, confidentiality, and availability of our space and ground-based assets.

Main Responsibilities

• Threat Modeling & Risk Assessment: Conduct threat modeling and security risk assessments for satellite hardware, software, and communication systems
• Secure Design & Architecture: Collaborate with engineering teams to design secure systems, including onboard satellite software, ground control systems, and data links
• Vulnerability Management: Evaluate and support remediation efforts related to vulnerabilities in embedded systems, firmware, and satellite communication protocols
• Security Testing: Propose test use cases and review testing results, for assessments such as penetration testing, fuzzing, and static/dynamic code analysis on satellite and ground systems
• Compliance & Standards: Ensure compliance with industry standards/frameworks such as NIST, ISO 27001, and space-specific cybersecurity frameworks (e.g., CCSDS, CNSSI 1253)
• Incident Response: Create concept of operations for incident detection, analysis, and response to security events affecting satellite products
• Tooling & Automation: Ensure the software development lifecycle follows industry best practices and utilize appropriate security tools automating security checks
• Collaboration: Work cross-functionally with software, hardware, systems, and mission assurance teams to champion security best practices

Education/Experience

• Bachelor’s or Master’s degree in Computer Science, Electrical Engineering, Cybersecurity, or a related field
• 10+ years of experience in product or embedded security architecture
• Experience in the aerospace or satellite industry
• Certifications such as CISSP, OSCP, CEH, or GIAC

Specialized Knowledge, Skills and Abilities

• Strong understanding of embedded systems security, real-time operating systems (RTOS), and secure communications
• Knowledge of space system architectures, including satellite buses, payloads, and ground stations
• Extensive understanding of space industry general threat landscape
• Experience with security tools (e.g., SAST, DAST, Splunk, etc.)
• Knowledge of cybersecurity frameworks (e.g., NIST 800-53, ISO/IEC 27001).
• Familiarity with space situational awareness (SSA) and anti-jamming/anti-spoofing techniques
• Experience with DevSecOps in aerospace environments

Decision Making and Supervision

• Work under minimum supervision