Senior Security Engineer

Summary

Join Loft Orbital, a company revolutionizing space access, as a Senior Security Engineer. Ensure the security of our automated, containerized, and globally distributed infrastructure. Collaborate with various teams to enhance security maturity. This hands-on role offers broad scope and rapid growth, contributing directly to space missions. Champion DevSecOps best practices, conduct security assessments, and provide remediation guidance. Design secure architecture patterns and collaborate on automated security tooling. Support incident response and compliance initiatives.

Requirements

• Deep experience with cloud security in AWS, Azure, or GCP environments
• Strong knowledge of container and Kubernetes security (esp. RBAC, secrets management, and network policies)
• Proficiency in at least one modern programming language (e.g., Python, Go, Java)
• Hands-on experience with zero-trust architecture, service mesh, and software-defined networking
• Solid understanding of DevSecOps pipelines, IaC tools (Terraform, CUE, etc.), and secure build processes
• Familiarity with vulnerability scanning, SAST/DAST tools, and threat intelligence
• Proven ability to work in a fast-paced, startup-like environment
• Comfortable supporting and empowering developers in a collaborative, enablement-first model
• Strong communication and documentation skills
• Able to work effectively across multicultural and globally distributed teams

Responsibilities

• Champion DevSecOps best practices by integrating security controls into our CI/CD pipelines (GitLab CI)
• Conduct threat modeling, application security assessments, and infrastructure penetration testing
• Help developers fix vulnerabilities by providing actionable remediation guidance
• Design, implement, and document secure architecture patterns for containerized and cloud-native workloads
• Educate engineering teams through training and real-time support to cultivate a "secure-by-default" culture
• Collaborate on automated security tooling for container image scanning, IaC validation, and RBAC compliance
• Support incident response processes, including forensics, root cause analysis, and continuous improvement
• Track and support compliance initiatives (ISO 27001, SOC 2), ensuring security controls align with frameworks
• Contribute to internal tooling using Python, CUE, or other scripting languages

Preferred Qualifications

• Hands-on experience with CUE or Python for policy-as-code or validation tooling
• Understanding of software-defined networking and security policy enforcement in mesh environments
• Contributions to open-source security tools or frameworks
• Familiarity with space mission operations or aerospace-specific security challenges