Security Platform Lead (CI/CD + Supply Chain Security + Devsecops)

Logos Space•Mountain View, CA

About The Position

Logos Space is developing a Low Earth Orbit (LEO) satellite system designed to provide resilient, high-performance satellite-based connectivity services to commercial enterprise and government users worldwide. The system is built to extend cloud and data center network connectivity globally to various terminals, with a strong emphasis on speed and reliability. The company is led by a team of highly experienced engineers in the networking and satellite industries. The Product and Data Link Security team at Logos Space Engineering is crucial for ensuring the success of the network by providing unique levels of security and authentication in space communications, utilizing a framework that supports isolated flows and end-to-end encryption. This Security Platform Lead position is a critical driver of the security architecture, overseeing extensive development efforts and collaborating with other teams like the ground segment and spacecraft systems. The role requires engineers who can thrive in a fast-moving environment, capable of transforming abstract design ideas into concrete, testable architecture and secure solutions. The Security Platform Lead will specifically lead the design and implementation of a secure software supply chain, building a high-assurance CI/CD system that incorporates artifact signing, provenance tracking, and reproducible builds to guarantee strong integrity and traceability for all delivered software.

Requirements

CI/CD security (GitHub Actions, GitLab, Jenkins)
Software supply chain security
Container and orchestration security (Docker, Kubernetes)
Provenance, SBOM, artifact signing
Familiarity with Supply-chain Levels for Software Artifacts (SLSA)
Reproducible builds, build systems

Responsibilities

Lead the design and implementation of a secure software supply chain.
Build and manage a high-assurance Continuous Integration/Continuous Delivery (CI/CD) system, securing tools like GitHub Actions, GitLab, and Jenkins.
Define and implement security hardening standards for the software build and deployment environments, including securing container images, container runtime (Docker/Podman), and container orchestration platforms (Kubernetes).
Design and integrate the AI Wrapper Layer into the CI/CD pipeline to enforce governance, logging, and policy for AI usage, preventing unsafe usage and data leakage.
Embed AI as an advisory capability within the CI/CD pipeline to augment traditional security tools (like Snyk and Semgrep) for use cases such as risk identification, vulnerability explanation, prioritization, and remediation suggestions.
Design and secure the Agentic Architecture, including the Agentic Layer and Model Context Protocol (MCP) servers, to provide controlled, auditable access to internal systems for AI security workflows.
Implement controls for artifact signing and provenance tracking, ensuring all software delivered meets strong integrity and traceability guarantees.
Develop the platform architecture and controls necessary to achieve SLSA Level 3/4 targets and ensure NIST SSDF (800-218) compliance.
Implement controlled build environments to support reproducible builds.
Drive the generation and tracking of Software Bill of Materials (SBOM) to meet emerging DoD mandates.
Actively grow the Logos security team by recruiting top-tier talent and providing technical guidance and mentorship to contribute to the overall security organization growth.