Senior Security Engineer

Summary

Join Loft Orbital's Security and Compliance Team as a Senior Security Engineer to safeguard our automated, containerized, globally distributed infrastructure. Champion DevSecOps best practices, lead security assessments, collaborate with various teams to remediate vulnerabilities, design secure architecture, and develop automated security tooling. Support incident response, mentor teams, and contribute to internal security tools. This hands-on role offers broad scope, rapid growth, and the chance to contribute to space missions. The ideal candidate possesses deep cloud security experience, strong container and Kubernetes security knowledge, proficiency in programming, and experience with zero-trust architecture. A collaborative and fast-paced environment is expected.

Requirements

• Deep experience with cloud security in AWS, Azure, or GCP environments
• Strong knowledge of container and Kubernetes security in production environments
• Proficiency in at least one modern programming language (e.g., Python, Go, C++)
• Hands-on experience with zero-trust architecture , service mesh, and software-defined networking
• Solid understanding of DevSecOps pipelines , IaC tools, and secure build processes
• Hands-on experience with vulnerability scanning , SAST/DAST tools, and automated security testing
• Proven success in fast-paced, highly collaborative environments , ideally at a startup or scale-up
• Comfortable working closely with developers and SREs in an enablement-first security culture
• Clear, concise communication and documentation skills
• Ability to thrive in a multicultural, globally distributed engineering team

Responsibilities

• Champion DevSecOps best practices by designing and implementing security controls directly into our CI/CD pipelines (e.g., GitLab CI)
• Lead and automate application and infrastructure security assessments , including threat modeling and code review
• Partner with developers and SREs to identify, remediate, and prevent vulnerabilities through secure design and practical guidance
• Design, build, and maintain secure architecture patterns for containerized, cloud-native, and distributed workloads
• Develop and maintain automated security tooling , such as container image scanning, IaC validation, and policy-as-code
• Collaborate on automated security tooling for container image scanning, IaC validation, and RBAC compliance
• Support incident response workflows, including detection, forensics, root cause analysis, and post-mortems
• Provide technical mentorship and real-time enablement to help teams adopt a “secure-by-default” mindset
• Contribute to internal security tools and automation using Python, Go, or other modern languages
• Continuously improve how we measure and scale security across our SRE and infrastructure platforms

Preferred Qualifications

• Practical experience with policy-as-code (OPA, Sentinel, etc.)
• Understanding of software-defined networking and security policy enforcement in mesh environments
• Familiarity with modern SRE practices , observability, and resilience engineering
• Contributions to open-source security tools or frameworks
• Interest or experience in space operations or aerospace systems

Benefits

• 100% company-paid medical, dental, and vision insurance option for employees and dependents
• Flexible Spending (FSA) and Health Savings (HSA) Accounts offered with an employer contribution to the HSA
• 100% employer paid Life, AD&D, Short-Term, and Long-Term Disability insurance
• Flexible Time Off policy for vacation and sick leave, and 12 paid holidays
• 401(k) plan and equity options
• Daily catered lunches and snacks in office
• International exposure to our team in France
• Fully paid parental leave; 14 weeks for birthing parent and 10 weeks for non-birthing parent
• Carrot Fertility provides comprehensive, inclusive fertility healthcare and family-forming benefits with financial support
• Off-sites and many social events and celebrations
• Relocation assistance when applicable