Staff Security Engineer

About the Company

Spire Global is a space-to-cloud analytics company that owns and operates the largest multi-purpose constellation of satellites. Its proprietary data and algorithms provide the most advanced maritime, aviation, and weather tracking in the world. In addition to its constellation, Spire’s data infrastructure includes a global ground station network and 24/7 operations that provide real-time global coverage of every point on Earth.

Our products are data analytics APIs consumed by governments and small businesses alike seeking best in class information on weather, maritime activity, aviation activity, or looking to leverage our space program to launch and operate custom hardware.

Summary

Spire is hiring a Staff Security Engineer to implement foundational state of the art security best practices, tooling, automation, and infrastructure to achieve comprehensive logging, monitoring, and alerting. You will be implementing modern identity and access management models, building security by default into our CI/CD pipelines, and serving as a subject matter expert (read: leet at Googling things) across our diverse engineering organization.  

Ideally you’ll be co-located in Glasgow with the bulk of our platform-as-a-service (PaaS) team, and act as an expert resource in containerization and orchestration to our software PaaS and applications teams, ultimately helping to shape and implement the Spire Security Program. Spire is amenable to filling this role in San Francisco, CA or remotely within the United States. 

Our team’s approach is centered around managing risk and achieving compliance through automation rather than procedures, and through DevSecOps tooling rather than by security decrees. You’ll navigate and actualize the Spire Security Controls considering both security and engineering velocity, and help guide teams through software architecture and implementation, operational concerns, and documentation.

We are looking for someone who’s excited about security, data, space, and likes to move fast, iterate quickly, and work with small, global autonomous teams of highly capable people that care deeply about what they do.

Responsibilities of your role:

• Integrate security technologies and best practices into everything we build, from infrastructure and automation to containers and ground stations
• Shape a high-speed security strategy based on velocity and efficiency-oriented DevSecOps
• Partner with the PaaS team to help shape and implement their roadmap for CI/CD, Kubernetes, secrets management, networking; all of which producing actionable security telemetry
• Partner with developers that use the software platform to help shape and implement their application roadmaps, ensuring that security is baked in from the start
• Act as hands on expert resource throughout design, code review, and implementation of security systems across the engineering organization, including satellites in orbit right now
• Design and implement security controls and user-friendly enforcement and guardrails

Basic Qualifications:

• 8+ years working experience in software engineering
• Computer science degree or equivalent work
• Strong experience and confidence with the  cloud, including networking, zero-trust, secrets management, IAM, containerization and orchestration, and encryption (at rest and in transit)
• Excellent communication skills

Preferred Qualifications / Experience:

• Demonstrated history and willingness to solve security problems hands-on at the code level
• Deep understanding of cloud infrastructure and security, both conceptually and hands-on 
• Deep knowledge of cloud and infrastructure-as-code tooling such as Kubernetes, Terraform, Vault, etcd, Istio, Ansible, Chef
• Hands-on experience with container security including profiling containers and implementing AppArmor, Falco, and similar tooling 
• Proven experience implementing security controls in a previous role
• Development in Go, Java, and Python
• Highly detailed-oriented and completeness driven
• Comfortable with iterating and re-evaluating projects and plans as needs evolve
• Drive to teach yourself and explore the cutting edge in security and incorporating it into your work; see the big picture, understand where the world is heading, and instinctively know the right way to do things in support of the business we are building together
• Ability to enact change gracefully by default; inspiring people to want to contribute to and collaborate on security through teaching and individual contributions, rather than by hitting people over the head

Bonus

• Experience with FedRAMP, NIST 800-171 and CMMC, and ISO 27001
• Experience translating complex concepts and solutions into documents required for security framework compliance and certification

Spire is Global and our success draws upon the diverse viewpoints, skills and experiences of our employees. We are proud to be an equal opportunity employer and are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, marital status, disability, gender identity or veteran status.