About Northwood:

Northwood is on a mission to transform connectivity between earth and space and bring the benefits of space to the masses through innovations in space communications technologies. If you like building quickly and seeing your work deployed in locations around the globe with real impact, we want you at Northwood.

Role:

Northwood is looking for a Senior Security Engineer to help us build and secure our global space communications network. As we rapidly scale our operations and establish ground stations around the world, we need someone who can design robust security frameworks while ensuring we meet all government compliance requirements.

You'll be responsible for securing everything from our ground stations to our network operations, with a focus on NIST 800-171, CUI handling, and FedRAMP compliance. This role will have significant impact on our security posture as we grow, and you'll collaborate closely with external vendors and internal teams across engineering, network operations, legal, and compliance. We're seeking someone with experience securing complex, mission-critical systems in regulated environments.

Responsibilities:

• Architect and implement defensive security controls for cloud, production, and corporate environments

• Deploy and manage enterprise SIEM solutions to aggregate audit data and security logs across all systems and endpoints

• Collaborate with cross-functional teams including engineering, network operations, policy, legal, and compliance

• Design and implement security architectures for space communication systems and ground stations with adherence to NIST 800-171 and FedRAMP requirements

• Establish and maintain CUI handling procedures for government contract requirements

• Lead incident response efforts and threat hunting while maintaining detailed audit trails for compliance reporting

Basic Qualifications:

• 5+ years of hands-on experience with infrastructure as code in production environments

• Experience conducting security architecture or design reviews around custom business applications, particularly in regulated environments

• Knowledge of NIST 800-171 controls, CUI handling requirements, and FedRAMP compliance frameworks

• Experience with infrastructure as code languages (Terraform, AWS CDK) in a production capacity and familiarity with one or more general purpose programming languages (Python, Go, Rust, etc)

• Ability to develop and maintain systems in government cloud environments (AWS GovCloud, Azure Government) and deploy code through CI/CD pipelines

• Experience developing and implementing defensive controls around endpoint and SaaS applications

Preferred Qualifications:

• Experience building high volume log ingestion and storage pipelines for compliance and audit purposes

• Ability to work autonomously and take ownership of complex security projects with compliance requirements

• Hands-on experience with AWS GovCloud, Azure Government, or GCP security ecosystem and tooling

• Experience with enterprise SIEM platforms (Splunk, QRadar, Sentinel) and endpoint security solutions (CrowdStrike, SentinelOne)

• Strong experience with Linux operating systems in production environments

• Knowledge of government contracting security requirements and DFARS compliance