Senior Principal Systems Security Engineer - TeraWave

Application close date:

Applications will be accepted on an ongoing basis until the requisition is closed.

At Blue Origin, we envision millions of people living and working in space for the benefit of Earth. We’re working to develop reusable, safe, and low-cost space vehicles and systems within a culture of safety, collaboration, and inclusion. Join our team of problem solvers as we add new chapters to the history of spaceflight!  

Blue Origin is pioneering the future of space-based communications with TeraWave, a revolutionary satellite communications network designed to deliver symmetrical data speeds of up to 6 Tbps anywhere on Earth. This multi-orbit constellation will consist of optically interconnected satellites in low Earth orbit (LEO) and medium Earth orbit (MEO), providing enterprise-grade connectivity for critical operations worldwide.

The Information Systems Security Engineer is responsible for conducting information system security engineering activities across the TeraWave program lifecycle. This role captures and refines information security requirements and ensures their effective integration into system design, development, and configuration through purposeful security architecting. The ISSE will work as an integral part of the integrated project team, coordinating with systems engineers, software developers, network architects, and program leadership to ensure cybersecurity is built into the constellation from the ground up.

Key Responsibilities

Security Architecture & Engineering

• Design and implement security architectures for space and ground system segments, including satellite bus software, ground station networks, mission operations centers, and communication link infrastructure
• Develop and maintain System Security Plans (SSPs), security architecture documentation, and risk assessment packages
• Integrate cybersecurity monitoring, auditing, and recovery measures across all system segments
• Define security requirements for inter-satellite links, ground-to-space uplinks, and user terminal interfaces

Compliance Framework Implementation

• Implement and maintain controls across multiple concurrent frameworks:
  • NIST SP 800-53 Rev 5: Security and privacy control selection, tailoring, and implementation
  • ISO/IEC 27001:2022: Information Security Management System (ISMS) requirements, internal audit support, and continuous improvement
  • ITAR (22 CFR Part 120-130): Export-controlled technical data protection and access control
• Perform cross-framework control mapping and gap analysis to identify implementation efficiencies
• Support Risk Management Framework (RMF) activities as applicable to program requirements

Space Systems Cybersecurity

• Apply cybersecurity principles to flight software, ground software, and communication link security
• Address space-specific threat vectors including signal jamming, spoofing, unauthorized commanding, and supply chain compromise
• Ensure systems are designed to adapt to evolving cybersecurity threats and maintain operational resilience
• Support secure over-the-air (OTA) update capabilities for the satellite constellation
• Evaluate and recommend encryption solutions for data in transit and at rest across all system segments

Assessment & Risk Management

• Conduct security risk assessments and threat modeling for constellation components
• Support security control assessments and ISO 27001 surveillance audits
• Develop and track Plans of Action and Milestones (POA&Ms) for identified vulnerabilities
• Maintain continuous monitoring programs and produce compliance evidence artifacts

Cross-Functional Collaboration

• Coordinate security activities with information security architects, ISSOs, and the Cybersecurity GRC team
• Provide cybersecurity input to systems engineering trade studies, design reviews (SRR, PDR, CDR), and test planning
• Support supply chain risk management activities for constellation hardware and software components

Minimum Qualifications

• Bachelor's degree in Computer Science, Cybersecurity, Systems Engineering, or related technical field
• 8+ years of experience in information systems security engineering, with at least 3 years in space systems, satellite programs, or aerospace
• Demonstrated experience implementing NIST SP 800-53 security controls in operational environments
• Working knowledge of ISO/IEC 27001:2022 ISMS requirements, including internal audit and certification support
• Understanding of space system architectures (ground segment, space segment, link segment, user segment)
• Familiarity with ITAR compliance and handling of export-controlled technical data
• U.S. Citizenship required (ITAR-controlled program)

Preferred Qualifications

• Master's degree in Cybersecurity, Systems Engineering, or related field
• Knowledge of SPARTA (Space Attack Research and Tactic Analysis) threat framework
• Experience with satellite constellation architectures, mesh networking, or inter-satellite links
• Cloud security experience (AWS GovCloud, commercial AWS)
• Familiarity with secure software development practices (DevSecOps) for embedded or flight software
• Experience with RF communications security and link encryption
• Background in network security for distributed ground station architectures

Certifications (one or more preferred)

• CISSP (Certified Information Systems Security Professional)
• CISM (Certified Information Security Manager)
• CompTIA Security+
• ISO 27001 Lead Implementer or Lead Auditor
• CCSP (Certified Cloud Security Professional)

Why This Role Matters

TeraWave represents Blue Origin's entry into global broadband communications via a constellation of over 5,000 satellites. The ISSE will shape the cybersecurity posture of this system from its earliest design phases, ensuring the constellation can withstand adversarial threats while meeting rigorous commercial and government compliance standards. This is a foundational role with direct impact on mission success and program viability.

 

Compensation Range for:

CA applicants is $264,103.00 - $369,743.85 WA applicants is $264,103.00 - $369,743.85

Other site ranges may differ

Culture Statement

Don’t meet all desired requirements? Studies have shown that some people are less likely to apply to jobs unless they meet every single desired qualification. At Blue Origin, we are dedicated to building an authentic workplace, so if you’re excited about this role but your past experience doesn’t align perfectly with every desired qualification in the job description, we encourage you to apply anyway. You may be just the right candidate for this or other roles.

Export Control Regulations

Applicants for employment at Blue Origin must be a U.S. citizen or national, U.S. permanent resident (i.e. current Green Card holder), or lawfully admitted into the U.S. as a refugee or granted asylum.

Background Check

• Required for all positions: Blue’s Standard Background Check

• Required for Certain Job Profiles:  Defense Biometric Identification System (DBIDS) background check if at any time the role requires one to be on a military installation

• Required for Certain Job Profiles: Drivers who operate Commercial Motor Vehicles with a Gross Vehicle Weight (GVW), Gross Vehicle Weight Rating (GVWR) or combination of power unit and trailer that meets or exceeds 10,001 lbs. and/or transports placardable amounts of hazardous materials by ground in any vehicle on a public road while in commerce, may be subject to additional Federal Motor Carrier Safety Regulations including: Driver Qualification Files, Medical Certification (obtained before onboarding), Road Test, Hours of Service, Drug and Alcohol Testing (CDL drivers only), vehicle inspection requirements, CDL requirements (if applicable) and hazardous materials transportation/shipping training.

• Required for certain Job Profiles: Ability to obtain and maintain Merchant Mariner Credential, which includes pre-employment and random drug testing as well as DOT physical

Benefits

• Benefits include:  Medical, dental, vision, basic and supplemental life insurance, paid parental leave, short and long-term disability, 401(k) with a company match of up to 5%, and an Education Support Program.

• Stock Options for all regular employees (working at least 20 hours/week)

• Paid Time Off:  Up to four (4) weeks per year based on weekly scheduled hours, and up to 14 company-paid holidays.

• Dependent on role type and job level, employees may be eligible for benefits and bonuses based on the company's intent to reward individual contributions and enable them to share in the company's results, or other factors at the company's sole discretion. Bonus amounts and eligibility are not guaranteed and subject to change and cancellation. Please check with your recruiter for more details.

Equal Employment Opportunity

Blue Origin is proud to be an Equal Opportunity/Affirmative Action Employer and is committed to attracting, retaining, and developing a highly qualified and dedicated work force. Blue Origin hires and promotes people on the basis of their qualifications, performance, and abilities. We support the establishment and maintenance of a workplace that fosters trust, equality, and teamwork. We provide all qualified applicants for employment and employees with equal opportunities for hire, promotion, and other terms and conditions of employment, regardless of their race, color, religion, sex, sexual orientation, gender identity, national origin/ethnicity, age, physical or mental disability, genetic factors, military/veteran status, or any other status or characteristic protected by federal, state, and/or local law. Blue Origin will consider for employment qualified applicants with criminal histories in a manner consistent with applicable federal, state, and local laws, including the Washington Fair Chance Act, the California Fair Chance Act, the Los Angeles Fair Chance in Hiring Ordinance, and other applicable laws. For more information on “Know Your Rights,” please see here.

Affirmative Action and Disability Accommodation

Applicants wishing to receive information on Blue Origin’s Affirmative Action Plans, or applicants requiring a reasonable accommodation in order to participate in the application and/or interview process, please contact us at [email protected]. Please note this is a publicly managed inbox. Please do not include any personal medical information in your request.