Senior Security Engineer

Aalyria is a leading technology company that supplies laser communications technology and temporospatial software-defined networking platforms to the aerospace industry. With technology acquired from Google, Aalyria is at the forefront of innovation in satellite and airborne mesh networks, as well as cislunar and deep-space communications. We are revolutionizing the orchestration and management of planetary mesh networks using any radio or optical spectrum, any orbit, and any hardware across land, sea, air, and space.

We are looking for an experienced Senior Security Engineer to join our Corporate Engineering team. The ideal candidate is a hands-on technical security professional who can build, implement, and automate security controls across cloud infrastructure, endpoints and enterprise systems. You will work closely with the Director of Security & IT and engineering teams close to security gaps, harden our environment and support compliance initiatives including CMMC and FedRAMP.

This role is for someone who wants to build, not just advise. You will be responsible for implementing security architecture, deploying and tuning security tooling, and automating manual processes. Come join a team building secure systems that support mission-critical communications for defense and federal customers.

• Design and implement security controls across cloud infrastructure, endpoints, identity systems and applications
• Harden GCP environments including compute, networking, GKE, IAM and logging configurations
• Deploy, configure, and maintain security tooling including SIEM, vulnerability scanners, EDR, and secrets management
• Build automation for security operations, evidence collection and compliance reporting using Python, Terraform, and CI/CD pipelines
• Develop and maintain logging and monitoring architecture to support detection, response, and audit requirements
• Implement and enforce identity and access management controls, including SSO, MFA and least privilege access
• Conduct vulnerability assessments and drive remediation efforts across infrastructure and applications
• Support incident response activities including investigation, containment, and root cause analysis
• Collaborate with engineering teams to integrate security into development workflows and CI/CD pipelines
• Document security configurations, architecture decisions, and runbooks
• Support compliance efforts by implementing technical controls required for CMMC, FedRAMP, ITAR and DFARS

• 5+ years of experience in security engineering, infrastructure security, or related technical security roles
• Strong hands-on experience with cloud security in GCP, AWS (GCP preferred)
• Proficiency in infrastructure-as-code tools, particularly Terraform
• Scripting and automation skills in Python, Bash, or similar languages
• Experience with container and Kubernetes security (GKE, EKS, or AKS)
• Hands-on experience deploying and managing security tools (SIEM, vulnerability scanners, EDR)
• Strong understanding of identity and access management principles and platforms (Okta, Azure AD, or similar)
• Experience with CI/CD security and integrating security into DevOps workflows
• Solid understanding of networking fundamentals including firewalls, VPNs, and network segmentation and Zero Trust Architecture
• Ability to investigate, diagnose, and resolve security issues independently
• Excellent communication skills with ability to explain technical concepts to non-technical stakeholders
• U.S. Citizenship required

• Experience in defense, aerospace, or federal contractor environments
• Familiarity with NIST 800-53, NIST 800-171, CMMC, ITAR or FedRAMP control requirements
• Experience with GitLab CI/CD security
• Knowledge of endpoint hardening and configuration management
• Experience with secrets management solutions (HashiCorp Vault, GCP Secret Manager)
• Incident response and digital forensics experience
• Security certifications such as CISSP, GCLD, GPCS, or similar
• Deep understanding of PKI solutions and implementation of certificates across the environment
• Active Secret or Top Secret clearance, or ability to obtain

• Innovative Environment: Work at a cutting-edge company shaping the future of aerospace communications.
• Impactful Work: Directly contribute to critical national security programs and initiatives.
• Growth Opportunities: Expand your career with opportunities for professional development and advancement.
• Inclusive Culture: Be part of a collaborative, supportive, and inclusive workplace where your contributions matter.
• Flexibility: Flexible working arrangements including hybrid remote/in-office schedules.
• Compensation and Equity: Competitive salary, comprehensive benefits (401(k), dental, vision, health, life insurance), paid time off, and equity options.

This position involves access to export-controlled information. To comply with U.S. government export regulations, applicants must meet one of the following criteria:

(A) Qualify as a U.S. person, which includes:

• U.S. citizen or national
• U.S. lawful permanent resident (green card holder)
• Refugee under 8 U.S.C. 1157
• Asylee under 8 U.S.C. 1158

(B) Be eligible to access export-controlled information without requiring an export authorization.

(C) Be eligible and reasonably likely to obtain the necessary export authorization from the appropriate U.S. government agency.

The company reserves the right to decline pursuing an export licensing process for legitimate business-related reasons.

Aalyria is an Equal Opportunity Employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. We do not discriminate based on race, color, religion, sex (including pregnancy, gender identity, and sexual orientation), national origin, age, disability status, genetic information, protected veteran status, or any other characteristic protected by law. Qualified applicants from all backgrounds are encouraged to apply.