Jobs · Information Technology · Colorado

Product Security Engineer

Spire · Boulder, CO · 2 wk ago
Information Technology$171k/yrFull-time

About the Role

You'll focus on hands-on design and implementation of security related software, to shift security left in our development processes. This includes embedding automated controls such as SBOMs and vulnerability scanning into CI/CD pipelines; maintaining and updating our internal shared libraries and infrastructure for authentication, authorization, and logging; and assisting with monitoring tools for operational services. Where needed, you'll help align systems with NIST 800-171/CMMC requirements, collaborating closely with the Principal Security Engineer, AWS infra team, dev tooling team, chief software engineer, and cybersecurity/GRC group.

You'll work in a lean, impact-focused environment—prioritizing deliverables like secure code and architecture with bureaucracy handled by the TPM/GRC org as much as possible. Occasional engagement in security discussions with government entities may be involved, under the principal security engineer's guidance.

Key Responsibilities

  • Implement Security Controls in SDLC: Assist in integrating security automation into pipelines (e.g., GitHub Actions/ArgoCD for SAST/DAST/SCA, SBOM generation, and vulnerability scanning).
  • Support Shared Libraries and Infra: Contribute to evolving standard libraries/infra for authn/authz, logging, and other runtime security features, including testing and updates.
  • Contribute to CMMC Compliance: Hands-on support for implementing controls (e.g., encryption, secure configurations, monitoring) to meet/exceed CMMC Level 2 requirements in AC, IA, SC, and SI families, building on our ISO 27001 foundation.
  • Aid with Reviews and Models: Participate in security architecture reviews, code audits, and threat modeling; help identify and remediate issues like API vulnerabilities or supply chain risks.
  • Team Collaboration: Engage in code reviews, pair programming sessions, and tooling development to advance secure practices; provide peer support within the security engineering team.

Required Qualifications

  • Experience: 5+ years in software or security engineering, with at least 3+ years in security-focused roles. Experience with secure cloud systems (AWS), CI/CD security, and compliance efforts (e.g., NIST, CMMC, or FedRAMP).
  • Technical Expertise: Proficiency in container security (Docker/Kubernetes), security tools (e.g., Trivy, Snyk, Falco, OPA), and programming languages for tooling (Python, Rust).
  • Understanding of modern attacks and defenses.
  • Security Acumen: Knowledge of common threats (e.g., injection, lateral movement), controls (NIST 800-53 mappings), DevSecOps practices, SBOMs, zero-trust principles, and SIEM-integrated logging.
  • Interpersonal Skills: Ability to collaborate constructively with internal teams and contribute to external security discussions as needed.

Preferred Skills

  • Familiarity with AWS security services (e.g., GuardDuty, Security Hub, Config) and IaC tools (Terraform).
  • Experience with embedded or satellite security (e.g., secure boot, over-the-air updates).
  • Contributions to open-source security projects.
  • Relevant certifications (e.g., CSSLP, OSCP, GIAC) demonstrating practical expertise.
  • Proven ability to work in small, agile teams and learn from senior mentors.

Bonus

  • Experience in regulated industries (defense/aerospace); clearance for sensitive data handling.

Pay

The anticipated base salary range for this position is listed below. Final base salary for this role will be based on the location, skills, experience and qualifications. In addition to base compensation, this role may be eligible for annual equity awards and our employee benefits program, including vacation, sick, and personal time off; optional medical, dental, vision, life, and disability coverage; a 401(K) plan; health and wellness reimbursement program; and participation in Spire’s Employee Stock Purchase Plan.

Salary Range: $171,000 USD - $202,500 USD

Similar jobs

Product Security Engineer

Aras CorporationAndover, MA· 2 wk ago
Information Technology$100k–$125k/yrapply on aras.bamboohr.com

Product Security Engineer

ID.meSan Francisco Bay Area· 3 wk ago
Information Technology$168k–$200k/yrapply on job-boards.greenhouse.io