Senior Software Security Engineer

Loft Federal•Golden, CO

About The Position

Loft Federal is seeking a Senior Software Security Engineer to lead the design, implementation, and assessment of the security architecture for its flight and ground software systems. This role is for a hands-on software engineer with a passion for building security into the core of a product. Responsibilities include coding security services, integrating automated controls into CI/CD pipelines, and ensuring the architecture meets requirements for a government Authority to Operate (ATO). The engineer will write code, harden infrastructure, participate in threat modeling, and mentor other software engineers in secure development practices. This role requires balancing cutting-edge security with the constraints of embedded systems and NIST/CMMC compliance.

Requirements

5+ years of professional experience in software development, with at least 3 years in a security-focused role.
Deep understanding of modern security principles, including DevSecOps, Zero Trust, container security, and common threats.
Demonstrable expertise in one or more of the following security domains: network security, application security, or cryptography.
Technical experience implementing and assessing controls for frameworks such as NIST SP 800-53 / 800-171.
Hands-on experience with scripting and programming languages (e.g., Python, Bash, C++).
Strong understanding of Linux systems security and hardening.
Experience with container security (Docker, k3s) and vulnerability scanning tools.
One or more current, relevant security certifications such as Security+, CySA+, GSEC, CASP, or CISSP.
Active security clearance required.

Nice To Haves

Experience with embedded Linux environments and the challenges of resource-constrained systems (CPU, memory).
Hands-on experience with service-oriented or message-oriented architectures.
Experience in the aerospace, defense, or another high-assurance industry.
Experience writing flight software for spacecraft, robotics, and/or autonomous vehicles.
Experience with Infrastructure as Code (IaC) tools (Terraform, Helm, Ansible).

Responsibilities

Design, develop, and contribute to the Zero Trust security architecture for flight software, including services for authentication/authorization, cryptographic key management, secure data storage, and secure transport.
Lead research and evaluation of security features, protocols, and third-party tools to make data-driven architectural decisions.
Collaborate with infrastructure teams to secure the onboard flight software platform, including hardening embedded Linux systems, segmenting spacecraft network enclaves, configuring onboard IAM policies, and mitigating operational cybersecurity risks.
Integrate and automate security controls directly into CI/CD pipelines, including SAST/DAST, SCA, SBOM generation, and container vulnerability scanning.
Serve as the technical expert for designing and implementing security controls required by NIST SP 800-53 / 800-171 (e.g., encryption, access control, secure logging).
Participate in security architecture reviews, code audits, and threat modeling sessions to identify and remediate vulnerabilities.
Collaborate with the security team and ISSM to prepare systems and documentation for ATO approval.