Cloud Infrastructure Security Engineer

Share:

Spire Global is a space-to-cloud analytics company that owns and operates the largest multi-purpose constellation of satellites. Its proprietary data and algorithms provide the most advanced maritime, aviation, and weather tracking in the world. In addition to its constellation, Spire’s data infrastructure includes a global ground station network and 24/7 operations that provide real-time global coverage of every point on Earth.

The Role

Spire is hiring a Staff Security Engineer to implement foundational state of the art security best practices, tooling, automation, and infrastructure to achieve comprehensive logging, monitoring, and alerting. You will be implementing modern identity and access management models, building security by default into our CI/CD pipelines, and serving as a subject matter expert (read: leet at Googling things) across our diverse engineering organization. Act as an expert resource in containerization and orchestration to our software PaaS and applications teams, ultimately helping to shape and implement the Spire Security Program.

Our team’s approach is centered around managing risk and achieving compliance through automation rather than procedures, and through DevSecOps tooling rather than by security decrees. You’ll navigate and actualize the Spire Security Controls considering both security and engineering velocity, and help guide teams through software architecture and implementation, operational concerns, and documentation.

We are looking for someone who’s excited about building security, data, space, and likes to move fast, iterate quickly, and work with small, global autonomous teams of highly capable people that care deeply about what they do.

Responsibilities:

  • Integrate security technologies and best practices into everything we build, from infrastructure and automation to containers and satellite ground stations
  • Shape a high-speed security strategy based on velocity and efficiency-oriented DevSecOps
  • Partner with the PaaS team to help shape and implement their roadmap for CI/CD, Kubernetes, secrets management, networking; along with implementing actionable security telemetry and alarms
  • Partner with developers that use the software platform to help shape and implement their application roadmaps, ensuring that security is baked in from the start
  • Act as hands on expert resource throughout design, code review, and implementation of security systems across the engineering organization, including satellites in orbit right now
  • Design and implement security controls with user-friendly enforcement and guardrails in mind.

Basic Qualifications:

  • 5+ years’ experience in Infrastructure engineering/DevOps and/or Cloud Security
  • Deep understanding of cloud infrastructure and security (preferably AWS)
  • Scripting experience required in (at least one) language - Python/Java/GO/Bash
  • Good working knowledge and confidence with cloud technologies, including networking, secrets management, IAM, containerization and orchestration, and encryption (at rest and in transit)
  • Excellent communication skills
  • Bachelor’s degree required

Preferred Qualifications (Nice to Have):

  • Demonstrated history and willingness to solve security problems hands-on at the code level
  • Working knowledge of cloud and infrastructure-as-code tooling such as Kubernetes, Terraform, Vault, ArgoCD, Ansible, Chef
  • Hands-on experience with container security including profiling containers and implementing AppArmor, Falco, and similar tooling
  • Proven experience implementing security controls
  • Highly detailed-oriented and completeness driven
  • Comfortable with iterating and re-evaluating projects and plans as needs evolve
  • Experience with FedRAMP, NIST 800-171 and CMMC, and ISO 27001

Spire is Global and our success draws upon the diverse viewpoints, skills, and experiences of our employees. We are proud to be an equal opportunity employer and are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, marital status, disability, gender identity or veteran status.

 

#LI-NV1

#LI-Remote