Senior Principal Systems Security Engineer - TeraWave

Application close date:Applications will be accepted on an ongoing basis until the requisition is closed.At Blue Origin, we envision millions of people living and working in space for the benefit of Earth. We’re working to develop reusable, safe, and low-cost space vehicles and systems within a culture of safety, collaboration, and inclusion. Join our team of problem solvers as we add new chapters to the history of spaceflight!Blue Origin is pioneering the future of space-based communications with TeraWave, a revolutionary satellite communications network designed to deliver symmetrical data speeds of up to 6 Tbps anywhere on Earth. This multi-orbit constellation will consist of optically interconnected satellites in low Earth orbit (LEO) and medium Earth orbit (MEO), providing enterprise-grade connectivity for critical operations worldwide.The Information Systems Security Engineer is responsible for conducting information system security engineering activities across the TeraWave program lifecycle. This role captures and refines information security requirements and ensures their effective integration into system design, development, and configuration through purposeful security architecting. The ISSE will work as an integral part of the integrated project team, coordinating with systems engineers, software developers, network architects, and program leadership to ensure cybersecurity is built into the constellation from the ground up.Key ResponsibilitiesSecurity Architecture & EngineeringDesign and implement security architectures for space and ground system segments, including satellite bus software, ground station networks, mission operations centers, and communication link infrastructureDevelop and maintain System Security Plans (SSPs), security architecture documentation, and risk assessment packagesIntegrate cybersecurity monitoring, auditing, and recovery measures across all system segmentsDefine security requirements for inter-satellite links, ground-to-space uplinks, and user terminal interfacesCompliance Framework ImplementationImplement and maintain controls across multiple concurrent frameworks:NIST SP 800-53 Rev 5 : Security and privacy control selection, tailoring, and implementationISO/IEC 27001:2022 : Information Security Management System (ISMS) requirements, internal audit support, and continuous improvementITAR (22 CFR Part 120-130) : Export-controlled technical data protection and access controlPerform cross-framework control mapping and gap analysis to identify implementation efficienciesSupport Risk Management Framework (RMF) activities as applicable to program requirementsSpace Systems CybersecurityApply cybersecurity principles to flight software, ground software, and communication link securityAddress space-specific threat vectors including signal jamming, spoofing, unauthorized commanding, and supply chain compromiseEnsure systems are designed to adapt to evolving cybersecurity threats and maintain operational resilienceSupport secure over-the-air (OTA) update capabilities for the satellite constellationEvaluate and recommend encryption solutions for data in transit and at rest across all system segmentsAssessment & Risk ManagementConduct security risk assessments and threat modeling for constellation componentsSupport security control assessments and ISO 27001 surveillance auditsDevelop and track Plans of Action and Milestones (POA&Ms) for identified vulnerabilitiesMaintain continuous monitoring programs and produce compliance evidence artifactsCross-Functional CollaborationCoordinate security activities with information security architects, ISSOs, and the Cybersecurity GRC teamProvide cybersecurity input to systems engineering trade studies, design reviews (SRR, PDR, CDR), and test planningSupport supply chain risk management activities for constellation hardware and software componentsMinimum QualificationsBachelor's degree in Computer Science, Cybersecurity, Systems Engineering, or related technical field8+ years of experience in information systems security engineering, with at least 3 years in space systems, satellite programs, or aerospaceDemonstrated experience implementing NIST SP 800-53 security controls in operational environmentsWorking knowledge of ISO/IEC 27001:2022 ISMS requirements, including internal audit and certification supportUnderstanding of space system architectures (ground segment, space segment, link segment, user segment)Familiarity with ITAR compliance and handling of export-controlled technical dataU.S. Citizenship required (ITAR-controlled program)Preferred QualificationsMaster's degree in Cybersecurity, Systems Engineering, or related fieldKnowledge of SPARTA (Space Attack Research and Tactic Analysis) threat frameworkExperience with satellite constellation architectures, mesh networking, or inter-satellite linksCloud security experience (AWS GovCloud, commercial AWS)Familiarity with secure software development practices (DevSecOps) for embedded or flight softwareExperience with RF communications security and link encryptionBackground in network security for distributed ground station architecturesCertifications (one or more preferred)CISSP (Certified Information Systems Security Professional)CISM (Certified Information Security Manager)CompTIA Security+ISO 27001 Lead Implementer or Lead AuditorCCSP (Certified Cloud Security Professional)Why This Role MattersTeraWave represents Blue Origin's entry into global broadband communications via a constellation of over 5,000 satellites. The ISSE will shape the cybersecurity posture of this system from its earliest design phases, ensuring the constellation can withstand adversarial threats while meeting rigorous commercial and government compliance standards. This is a foundational role with direct impact on mission success and program viability.Compensation Range for:CA applicants is $264,103.00 - $369,743.85WA applicants is $264,103.00 - $369,743.85Other site ranges may differCulture StatementDon’t meet all desired requirements? Studies have shown that some people are less likely to apply to jobs unless they meet every single desired qualification. At Blue Origin, we are dedicated to building an authentic workplace, so if you’re excited about this role but your past experience doesn’t align perfectly with every desired qualification in the job description, we encourage you to apply anyway. You may be just the right candidate for this or other roles.Export Control RegulationsApplicants for employment at Blue Origin must be a U.S. citizen or national, U.S. permanent resident (i.e. current Green Card holder), or lawfully admitted into the U.S. as a refugee or granted asylum.Background CheckRequired for all positions: Blue’s Standard Background CheckRequired for Certain Job Profiles: Defense Biometric Identification System (DBIDS) background check if at any time the role requires one to be on a military installationRequired for Certain Job Profiles: Drivers who operate Commercial Motor Vehicles with a Gross Vehicle Weight (GVW), Gross Vehicle Weight Rating (GVWR) or combination of power unit and trailer that meets or exceeds 10,001 lbs. and/or transports placardable amounts of hazardous materials by ground in any vehicle on a public road while in commerce, may be subject to additional Federal Motor Carrier Safety Regulations including: Driver Qualification Files, Medical Certification (obtained before onboarding), Road Test, Hours of Service, Drug and Alcohol Testing (CDL drivers only), vehicle inspection requirements, CDL requirements (if applicable) and hazardous materials transportation/shipping training.Required for certain Job Profiles: Ability to obtain and maintain Merchant Mariner Credential, which includes pre-employment and random drug testing as well as DOT physicalBenefitsBenefits include: Medical, dental, vision, basic and supplemental life insurance, paid parental leave, short and long-term disability, 401(k) with a company match of up to 5%, and an Education Support Program.Stock Options for all regular employees (working at least 20 hours/week)Paid Time Off: Up to four (4) weeks per year based on weekly scheduled hours, and up to 14 company-paid holidays.Dependent on role type and job level, employees may be eligible for benefits and bonuses based on the company's intent to reward individual contributions and enable them to share in the company's results, or other factors at the company's sole discretion. Bonus amounts and eligibility are not guaranteed and subject to change and cancellation. Please check with your recruiter for more details.Equal Employment OpportunityBlue Origin is proud to be an Equal Opportunity/Affirmative Action Employer and is committed to attracting, retaining, and developing a highly qualified and dedicated work force. Blue Origin hires and promotes people on the basis of their qualifications, performance, and abilities. We support the establishment and maintenance of a workplace that fosters trust, equality, and teamwork. We provide all qualified applicants for employment and employees with equal opportunities for hire, promotion, and other terms and conditions of employment, regardless of their race, color, religion, sex, sexual orientation, gender identity, national origin/ethnicity, age, physical or mental disability, genetic factors, military/veteran status, or any other status or characteristic protected by federal, state, and/or local law. Blue Origin will consider for employment qualified applicants with criminal histories in a manner consistent with applicable federal, state, and local laws, including the Washington Fair Chance Act, the California Fair Chance Act, the Los Angeles Fair Chance in Hiring Ordinance, and other applicable laws.Affirmative Action and Disability AccommodationApplicants wishing to receive information on Blue Origin’s Affirmative Action Plans, or applicants requiring a reasonable accommodation in order to participate in the application and/or interview process, please contact us at View email address on click.appcast.io . Please note this is a publicly managed inbox. Please do not include any personal medical information in your request. #J-18808-Ljbffr Blue Origin