Aalyria

Compensation

Full Description

Role Overview: We are looking for an experienced Senior Security Engineer to join our Corporate Engineering team. The ideal candidate is a hands-on technical security professional who can build, implement, and automate security controls across cloud infrastructure, endpoints and enterprise systems. You will work closely with the Director of Security & IT and engineering teams close to security gaps, harden our environment and support compliance initiatives including CMMC and FedRAMP. This role is for someone who wants to build, not just advise. You will be responsible for implementing security architecture, deploying and tuning security tooling, and automating manual processes. Come join a team building secure systems that support mission-critical communications for defense and federal customers. Key Responsibilities: Design and implement security controls across cloud infrastructure, endpoints, identity systems and applications Harden GCP environments including compute, networking, GKE, IAM and logging configurations Deploy, configure, and maintain security tooling including SIEM, vulnerability scanners, EDR, and secrets management Build automation for security operations, evidence collection and compliance reporting using Python, Terraform, and CI/CD pipelines Develop and maintain logging and monitoring architecture to support detection, response, and audit requirements Implement and enforce identity and access management controls, including SSO, MFA and least privilege access Conduct vulnerability assessments and drive remediation efforts across infrastructure and applications Support incident response activities including investigation, containment, and root cause analysis Collaborate with engineering teams to integrate security into development workflows and CI/CD pipelines Document security configurations, architecture decisions, and runbooks Support compliance efforts by implementing technical controls required for CMMC, FedRAMP, ITAR and DFARS Required Qualifications: 5+ years of experience in security engineering, infrastructure security, or related technical security roles Strong hands-on experience with cloud security in GCP, AWS (GCP preferred) Proficiency in infrastructure-as-code tools, particularly Terraform Scripting and automation skills in Python, Bash, or similar languages Experience with container and Kubernetes security (GKE, EKS, or AKS) Hands-on experience deploying and managing security tools (SIEM, vulnerability scanners, EDR) Strong understanding of identity and access management principles and platforms (Okta, Azure AD, or similar) Experience with CI/CD security and integrating security into DevOps workflows Solid understanding of networking fundamentals including firewalls, VPNs, and network segmentation and Zero Trust Architecture Ability to investigate, diagnose, and resolve security issues independently Excellent communication skills with ability to explain technical concepts to non-technical stakeholders U.S. Citizenship required Preferred Qualifications: Experience in defense, aerospace, or federal contractor environments Familiarity with NIST 800-53, NIST 800-171, CMMC, ITAR or FedRAMP control requirements Experience with GitLab CI/CD security Knowledge of endpoint hardening and configuration management Experience with secrets management solutions (HashiCorp Vault, GCP Secret Manager) Incident response and digital forensics experience Security certifications such as CISSP, GCLD, GPCS, or similar Deep understanding of PKI solutions and implementation of certificates across the environment Active Secret or Top Secret clearance, or ability to obtain What We Offer: Innovative Environment: Work at a cutting-edge company shaping the future of aerospace communications. Impactful Work: Directly contribute to critical national security programs and initiatives. Growth Opportunities: Expand your career with opportunities for professional development and advancement. Inclusive Culture: Be part of a collaborative, supportive, and inclusive workplace where your contributions matter. Flexibility: Flexible working arrangements including hybrid remote/in-office schedules. Compensation and Equity: Competitive salary, comprehensive benefits (401(k), dental, vision, health, life insurance), paid time off, and equity options. ITAR/EAR Requirements: This position involves access to export-controlled information. To comply with U.S. government export regulations, applicants must meet one of the following criteria: (A) Qualify as a U.S. person, which includes: U.S. citizen or national U.S. lawful permanent resident (green card holder) Refugee under 8 U.S.C. 1157 Asylee under 8 U.S.C. 1158 (B) Be eligible to access export-controlled information without requiring an export authorization. (C) Be eligible and reasonably likely to obtain the necessary export authorization from the appropriate U.S. government agency. The company reserves the right to decline pursuing an export licensing process for legitimate business-related reasons. Equal Opportunity Employer Statement: Aalyria is an Equal Opportunity Employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. We do not discriminate based on race, color, religion, sex (including pregnancy, gender identity, and sexual orientation), national origin, age, disability status, genetic information, protected veteran status, or any other characteristic protected by law. Qualified applicants from all backgrounds are encouraged to apply.