Job DescriptionJob Description
Umbra builds next- space systems that observe the Earth in unprecedented fidelity.
Our mission: Deliver global omniscience.
To stay ahead of climate change, geopolitical risk, and other major crises and issues, we need a global understanding of what is changing, where, and how fast. Umbra provides easy access to the highest quality commercial satellite data available, an indispensable tool for the growing number of organizations monitoring the Earth. We empower our customers to create solutions that inform, inspire, and address our planet's most pressing needs. We're helping to create a new industry that has never meaningfully existed before.
Are you ready to take the lead as a
Senior Product Security Engineer Our aim is to hire this position to work in Umbra's Santa Barbara, CA location in order to work along side product development teams. However, we are open to considering Hybrid applicants as well as candidates in the VA/DC/MD area, working out of our Arlington, VA office.
What you will do - You'll be an essential collaborator with Umbra's product development teams, dedicated to enhancing the trustworthiness, resilience, and survivability of our space segment, which encompasses both satellite and ground system environments. As a secure engineering advocate, you'll support our development release trains, create threat models, assess operational risks, and collaborate with product and SRE teams at the engineering level to continuously boost our systems' trustworthiness, resilience, and survivability. Please note, this role is purely focused on technical development and engineering.
Key Responsibilities - Lead security assessments and code reviews for our satellite software and systems as well as ground systems.
- Develop threat models and perform risk assessments to identify potential vulnerabilities in systems and applications.
- Implement security best practices across development teams and foster a culture of security awareness within the organization.
- Collaborate with engineering teams to develop, enforce, and audit security standards, policies, and procedures for satellite and ground system environments.
- Research emerging security technologies and frameworks relevant to space systems , and proactively integrate relevant solutions to protect infrastructure.
- Design and implement security automation tools and processes to improve system security and minimize manual intervention in securing software releases.
- Work with cross-functional teams to design, implement, and continuously improve secure DevOps pipelines and secure software development lifecycles (SDLC).
- Participate in incident response and security monitoring efforts, ensuring that security events are quickly identified, mitigated, and lessons learned are incorporated into security practices.
- Support third-party security audits and assessments, providing documentation and guidance on any identified vulnerabilities or risks as needed.
- Ensure regulatory compliance with relevant aerospace, satellite, and cybersecurity standards and frameworks such as NIST, CMMC, and others.
- Be the continuous advocate for improving security best practices and champion for a security minded culture with all technical staff to increase overall awareness and capabilities in addressing security risks.
- Support systems security engineering initiatives, ensuring that operational segments are well positioned for resiliency and survivability.
- Other professional duties as assigned.
Requirements Required Qualifications - Bachelor's degree in Computer Science, Cybersecurity, or a related field.
- 5+ years of experience in product security or software security engineering.
- Strong proficiency in secure coding practices and application security assessments.
- Experience with threat modeling and risk assessment methodologies.
- Familiarity with security tools such as static analysis, dynamic analysis, and penetration testing frameworks.
- In-depth understanding of networking protocols, cryptographic algorithms, and vulnerability management.
- Experience with cloud security architecture and securing cloud environments (AWS, Azure, etc.).
- Excellent communication skills and ability to work collaboratively in cross-functional teams.
- Current security clearance or willingness and ability to acquire one.
- One or more of the Desired Qualifications.
Desired Qualifications - Experience in the aerospace or satellite industry.
- Knowledge of security frameworks such as NIST 800-171, Risk Management Framework, CMMC.
- Experience with incident response and security monitoring tools.
- Familiarity with hardware security principles and practices.
- Relevant industry certifications such as OSCP, or SANS certifications are a plus.
Benefits - Flexible Time Off, Sick, Family & Medical Leave
- Medical, Dental, Vision, Life, LTD, STD (employer funded)
- Vol Life, Critical Illness, Accidental, Hospital Indemnity, Pet Insurance (employee funded)
- 401k with 3% non-elective company contribution
- Stock Options
- Free Parking
- Free lunch daily in office
Umbra is an Equal Opportunity Employer that is committed to and . We take affirmative action to ensure equal opportunity for all applicants without regard to Veteran status, or other legally protected characteristics.
Employment Eligibility Verification In compliance with federal laws, all hired persons will be required to verify their and eligibility to work in the United States by completing the required Employment Eligibility Verification Form (I-9 Form) upon hire.
ITAR/EAR Requirements This position may include access to technology and/or data that is subject to U.S. export controls pursuant to ITAR and EAR. To comply with federal export controls, all persons hired must be a U.S. , U.S. , U.S. lawful permanent , refugee or asylee as defined by 8 U.S.C. 1324b(a)(3), or must otherwise be eligible to obtain the required authorizations from the U.S. Department of State and/or U.S. Department of Commerce as applicable.
Pay Transparency This job posting may cover multiple career levels. To ensure greater transparency, we provide base salary ranges for all roles, regardless of location. Our standard pay ranges are based on the role's function and level, benchmarked against similar growth-stage companies. Compensation may vary based on geographical location, as certain regions may have different cost-of-living factors. The final offer will also be influenced by the candidate's skills, responsibilities, and relevant experience.
Compensation Range The Compensation Range for this role is $125,000 - $185,000.