Product Security Engineer in Boulder

Energy Jobline is the largest and fastest growing global Energy Job Board and Energy Hub. We have an audience reach of over 7 million energy professionals, 400,000+ monthly advertised global energy and engineering jobs, and work with the leading energy companies worldwide.

We focus on the Oil & Gas, Renewables, Engineering, Power, and Nuclear markets as well as emerging technologies in EV, Battery, and Fusion. We are committed to ensuring that we offer the most exciting career opportunities from around the world for our jobseekers.

Job DescriptionJob Description

About the Role

You'll focus on hands-on design and implementation of security related software, to shift security left in our development processes. This includes embedding automated controls such as SBOMs and vulnerability scanning into CI/CD pipelines; maintaining and updating our internal shared libraries and infrastructure for authentication, authorization, and logging; and assisting with monitoring tools for operational services. Where needed, you'll help align systems with NIST 800-171/CMMC requirements, collaborating closely with the Principal Security Engineer, AWS infra team, dev tooling team, chief software engineer, and cybersecurity/GRC group.

You'll work in a lean, impact-focused environment—prioritizing deliverables like secure code and architecture with bureaucracy handled by the TPM/GRC org as much as possible. Occasional engagement in security discussions with government entities may be involved, under the principal security engineer's guidance.

~80-90% hands-on work, with the remainder on collaboration and learning.

Key Responsibilities:

• Implement Security Controls in SDLC: Assist in integrating security automation into pipelines (e.g., GitHub Actions/ArgoCD for SAST/DAST/SCA, SBOM , and vulnerability scanning).
• Support Shared Libraries and Infra: Contribute to evolving standard libraries/infra for authn/authz, logging, and other runtime security features, including testing and updates.
• Contribute to CMMC Compliance: Hands-on support for implementing controls (e.g., encryption, secure configurations, monitoring) to meet/exceed CMMC Level 2 requirements in AC, IA, SC, and SI families, building on our ISO 27001 foundation.
• Assist with Reviews and Models: Participate in security architecture reviews, code audits, and threat modeling; help identify and remediate issues like API vulnerabilities or supply chain risks.
• Team Collaboration: Engage in code reviews, pair programming sessions, and tooling development to advance secure practices; provide peer support within the security engineering team.

Required Qualifications:

• Experience: 5+ years in software or security engineering, with at least 3+ years in security-focused roles. Experience with secure cloud systems (AWS), CI/CD security, and compliance efforts (e.g., NIST, CMMC, or FedRAMP).
• Technical Expertise: Proficiency in container security (Docker/Kubernetes), security tools (e.g., Trivy, Snyk, Falco, OPA), and programming for tooling (Python, Rust). Understanding of modern attacks and defenses.
• Security Acumen: Knowledge of common threats (e.g., injection, lateral movement), controls (NIST 800-53 mappings), DevSecOps practices, SBOMs, zero-trust principles, and SIEM-integrated logging.
• Interpersonal Skills: Ability to collaborate constructively with internal teams and contribute to external security discussions as needed.

Skills:

• Familiarity with AWS security services (e.g., GuardDuty, Security Hub, Config) and IaC tools (Terraform).
• Experience with embedded or satellite security (e.g., secure boot, over-the-air updates).
• Contributions to open-source security projects.
• Relevant certifications (e.g., CSSLP, OSCP, GIAC) demonstrating practical expertise.
• Proven ability to work in small, agile teams and learn from senior mentors.

Bonus

• Other: Experience in regulated industries (defense/aerospace); clearance for sensitive data handling.

Spire operates a hybrid work model, and this position will require you to work a minimum of three days per week in the office.

Access to US export-controlled software and/or technology may be required for this role. If needed, Spire will arrange the necessary licenses—this is not something candidates need to have before applying. #LI-DC1

The anticipated base salary range for this position is listed below. Final base salary for this role will be based on the location, skills, experience and qualifications. In addition to base compensation, this role may be eligible for annual equity awards and our employee benefits program, including vacation, sick, and personal time off; optional medical, dental, vision, life, and coverage; a 401(K) plan; health and wellness reimbursement program; and participation in Spire's Employee Stock Purchase Plan.

Salary Range$171,000—$202,500 USD

Global Perks

️ Name Your Satellite Program (NYSP)
Launch Attendance
Generous Time Off Policy
Education Assistance Program
Employee Assistance Program (EAP)
Employee Stock Purchase Program (ESPP)
Family Leave
Fitness Reimbursement
Employee Referral Program
Healthy snacks & beverages in every office

About Spire

We improve life on Earth with data from space.

Spire Global is a space-to-cloud analytics company that owns and operates the largest multi-purpose constellation of satellites. Its proprietary data and algorithms provide the most advanced maritime, aviation, and weather tracking in the world. In addition to its constellation, Spire's data infrastructure includes a global ground station network and 24/7 operations that provide real-time global coverage of every point on Earth.

Spire is Global and our success draws upon the diverse viewpoints, skills and experiences of our employees. We are proud to be an equal opportunity employer and are committed to equal employment opportunity regardless of , , ancestry, , sex, , , , marital status, , or veteran status.

To help maintain a safe and secure workplace for Spire employees, all candidates who receive a conditional offer will be required to complete a background check. This may include criminal history and employment verification.

Please take a moment to review Spire's Global Data Privacy Notice for Employees, Contractors, Candidates and Visitors, as well as Spire's Privacy Policy.

Kindly be advised that communication regarding your application may come from @spire.com, @recruiting.spire.com, or from Candidate.fyi (our scheduling tool).

If you are interested in applying for this job please press the Apply Button and follow the application process. Energy Jobline wishes you the very best of luck in your next career move.