ForgeApply
Try it free

ForgeApply · Job listing

Security Engineering Manager

Northwoodspace

Torrance, CA, US$156k – $232konsite

Apply in about a minute — without sacrificing quality.

ForgeApply autofills this application and tailors your resume to this exact posting. You review everything before it's sent. Free trial, no card required.

About this role

Northwood is a modern space infrastructure company bringing the benefits of space to the masses through advanced communications technology. We are building a global network of phased array ground stations that enable real-time, reliable communication for satellite missions such as national security, global connectivity, and disaster response. With a vertically integrated approach, Northwood designs, builds, and rapidly deploys scalable systems that power the next generation of space missions. If you like solving complex challenges and seeing your work deployed around the world with real impact, Northwood is the place to do it.

Role:

As Security Engineering Lead, you will design, build, and own the security infrastructure that protects Northwood's ground station network, cloud environments, and corporate systems. This is a senior technical leadership role for an engineer who is equally at home architecting security platforms and mentoring a growing team.

You will lead the buildout of our SIEM and EDR capabilities, own corporate network security infrastructure including firewall management, and drive secure deployments across on-premises environments and AWS GovCloud and Microsoft GCC. You will define how Northwood engineers and operates security infrastructure at a scale and sensitivity level that does not exist elsewhere in the commercial space industry. This role reports to the Head of Security.

Responsibilities

SIEM & Detection Engineering

- Own the full lifecycle of Northwood's SIEM platform — architecture, log source onboarding across ground stations and cloud infrastructure, correlation rule development, tuning, and automated alerting.

- Build and maintain EDR platform operations, including agent deployment, policy management, alert triage, and integration with SIEM workflows.

- Develop and continuously improve detection content, incident response playbooks, and SOC processes for a distributed, mission-critical environment.

- Integrate security tooling with broader infrastructure through APIs and automation, reducing manual operational burden over time.

- Lead the deployment and ongoing tuning of User and Entity Behavior Analytics (UEBA) capabilities within the SIEM environment, establishing behavioral baselines and refining detection models to surface insider threats and anomalous activity.

- Develop and maintain UEBA use cases, correlation rules, and risk scoring models, working closely with the SOC to ensure alerts are actionable and high-fidelity.

- Analyze UEBA telemetry to identify patterns indicative of insider risk, compromised accounts, or policy violations, and drive remediation in coordination with HR, legal, and security leadership.

Network & Infrastructure Security

- Manage and maintain FortiGate firewall infrastructure, including policy management, segmentation, firmware lifecycle, and log integration.

- Administer and optimize Cloudflare VPN and Zero Trust Network Access (ZTNA) configurations to support secure remote access and site connectivity.

- Deploy, harden, and maintain security infrastructure across on-premises environments and AWS GovCloud and Microsoft GCC, adhering to applicable compliance frameworks.

- Partner with product infrastructure engineers to ensure security is embedded in network and system architecture from the ground up.

- Deploy and manage email security infrastructure, including administration of platforms such as Proofpoint or Sublime Security, policy tuning, threat response, and integration with SIEM workflows.

DLP Policy & Controls

· Design, implement, and maintain Data Loss Prevention (DLP) policies across endpoint, network, and cloud environments to protect sensitive data in alignment with CMMC and NIST 800-53 control requirements.

· Develop and enforce DLP rules and rulesets across email, web, and SaaS platforms, continuously tuning policies to reduce false positives while maintaining strong data protection coverage.

· Partner with legal, compliance, and IT teams to classify data assets and translate classification requirements into enforceable DLP controls across the enterprise.

Identity & Access

- Support Okta administration in coordination with the IT operations team, including SSO integrations, MFA policy enforcement, lifecycle management, and SIEM log ingestion.

- Ensure routine integrations between identity, endpoint, and security tooling are maintained as new systems are onboarded — this role is not responsible for general IT helpdesk or end-user support operations.

Infrastructure as Code & Automation

- Define and enforce IaC practices (Terraform, Ansible, or equivalent) for all security infrastructure deployments, ensuring repeatability, auditability, and compliance alignment.

- Develop scripting and automation (Python, Bash, PowerShell) to operationalize security workflows, reduce toil, and support compliance evidence collection.

Team Leadership

- Hire, mentor, and develop security engineers as the team scales.

- Serve as the primary security engineering subject-matter expert in cross-functional collaboration with network operations, mission management, and product engineering teams.

- Contribute to security architecture reviews and provide technical guidance on regulatory requirements including CMMC, NIST 800-171, and FedRAMP.

Basic Qualifications

- 5+ years in security engineering or DevSecOps with demonstrated experience in a technical leadership capacity.

- Hands-on experience building and operating SIEM platforms, including log ingestion, detection rule development, and alert management.

- Experience deploying and managing EDR solutions in a production environment.

- Demonstrated FortiGate administration experience, including firewall policy management and network segmentation.

- Experience deploying and securing workloads in AWS GovCloud and/or Microsoft GCC environments.

- Proficiency with Infrastructure as Code tooling (Terraform, Ansible, or equivalen

Ready to apply to Northwoodspace?

Apply in about a minute

Similar jobs

More like this: Security & Cybersecurity Jobs · Browse all jobs