Snr Software Engineer, Product Security
Company: Spire
Location: Boulder
Posted on: January 17, 2026
|
|
|
Job Description:
Job Description Job Description About the Role You'll focus on
hands-on design and implementation of security related software, to
shift security left in our development processes. This includes
embedding automated controls such as SBOMs and vulnerability
scanning into CI/CD pipelines; maintaining and updating our
internal shared libraries and infrastructure for authentication,
authorization, and logging; and assisting with monitoring tools for
operational services. Where needed, you'll help align systems with
NIST 800-171/CMMC requirements, collaborating closely with the
Principal Security Engineer, AWS infra team, dev tooling team,
chief software engineer, and cybersecurity/GRC group. You'll work
in a lean, impact-focused environment—prioritizing deliverables
like secure code and architecture with bureaucracy handled by the
TPM/GRC org as much as possible. Occasional engagement in security
discussions with government entities may be involved, under the
principal security engineer's guidance. ~80-90% hands-on work, with
the remainder on collaboration and learning. Key Responsibilities:
I mplement Security Controls in SDLC : Assist in integrating
security automation into pipelines (e.g., GitHub Actions/ArgoCD for
SAST/DAST/SCA, SBOM generation, and vulnerability scanning).
Support Shared Libraries and Infra: Contribute to evolving standard
libraries/infra for authn/authz, logging, and other runtime
security features, including testing and updates. Contribute to
CMMC Compliance : Hands-on support for implementing controls (e.g.,
encryption, secure configurations, monitoring) to meet/exceed CMMC
Level 2 requirements in AC, IA, SC, and SI families, building on
our ISO 27001 foundation. Assist with Reviews and Models :
Participate in security architecture reviews, code audits, and
threat modeling; help identify and remediate issues like API
vulnerabilities or supply chain risks. Team Collaboration : Engage
in code reviews, pair programming sessions, and tooling development
to advance secure practices; provide peer support within the
security engineering team. Required Qualifications: Experience : 5
years in software or security engineering, with at least 3 years in
security-focused roles. Experience with secure cloud systems (AWS),
CI/CD security, and compliance efforts (e.g., NIST, CMMC, or
FedRAMP). Technical Expertise : Proficiency in container security
(Docker/Kubernetes), security tools (e.g., Trivy, Snyk, Falco,
OPA), and programming languages for tooling (Python, Rust).
Understanding of modern attacks and defenses. Security Acumen :
Knowledge of common threats (e.g., injection, lateral movement),
controls (NIST 800-53 mappings), DevSecOps practices, SBOMs,
zero-trust principles, and SIEM-integrated logging. Interpersonal
Skills : Ability to collaborate constructively with internal teams
and contribute to external security discussions as needed.
Preferred Skills: Familiarity with AWS security services (e.g.,
GuardDuty, Security Hub, Config) and IaC tools (Terraform).
Experience with embedded or satellite security (e.g., secure boot,
over-the-air updates). Contributions to open-source security
projects. Relevant certifications (e.g., CSSLP, OSCP, GIAC)
demonstrating practical expertise. Proven ability to work in small,
agile teams and learn from senior mentors. Bonus Other : Experience
in regulated industries (defense/aerospace) ; clearance for
sensitive data handling. Spire operates a hybrid work model, and
this position will require you to work a minimum of three days per
week in the office. Access to US export-controlled software and/or
technology may be required for this role. If needed, Spire will
arrange the necessary licenses—this is not something candidates
need to have before applying. LI-DC1 The anticipated base salary
range for this position is listed below. Final base salary for this
role will be based on the location, skills, experience and
qualifications. In addition to base compensation, this role may be
eligible for annual equity awards and our employee benefits
program, including vacation, sick, and personal time off; optional
medical, dental, vision, life, and disability coverage; a 401(K)
plan; health and wellness reimbursement program; and participation
in Spire's Employee Stock Purchase Plan. Salary Range
$171,000—$202,500 USD Global Perks ? Name Your Satellite Program
(NYSP) Launch Attendance Generous Time Off Policy Education
Assistance Program Employee Assistance Program (EAP) Employee Stock
Purchase Program (ESPP) Family Leave Fitness Reimbursement Employee
Referral Program Healthy snacks & beverages in every office About
Spire We improve life on Earth with data from space. Spire Global
is a space-to-cloud analytics company that owns and operates the
largest multi-purpose constellation of satellites. Its proprietary
data and algorithms provide the most advanced maritime, aviation,
and weather tracking in the world. In addition to its
constellation, Spire's data infrastructure includes a global ground
station network and 24/7 operations that provide real-time global
coverage of every point on Earth. Spire is Global and our success
draws upon the diverse viewpoints, skills and experiences of our
employees. We are proud to be an equal opportunity employer and are
committed to equal employment opportunity regardless of race,
color, ancestry, religion, sex, national origin, sexual
orientation, age, marital status, disability, gender identity or
veteran status. To help maintain a safe and secure workplace for
Spire employees, all candidates who receive a conditional offer
will be required to complete a background check. This may include
criminal history and employment verification. Please take a moment
to review Spire's Global Data Privacy Notice for Employees,
Contractors, Candidates and Visitors, as well as Spire's Privacy
Policy. Kindly be advised that communication regarding your
application may come from @spire.com, @recruiting.spire.com, or
from Candidate.fyi (our scheduling tool).
Keywords: Spire, Aurora , Snr Software Engineer, Product Security, IT / Software / Systems , Boulder, Colorado
