Information Systems Security Engineer
At Blue Origin, we envision millions of people living and working in space for the benefit of Earth. We're working to develop reusable, safe, and low-cost space vehicles and systems within a culture of safety, collaboration, and inclusion. Join our team of problem solvers as we add new chapters to the history of spaceflight!
Blue Origin is pioneering the future of space-based communications with TeraWave, a revolutionary satellite communications network designed to deliver symmetrical data speeds of up to 6 Tbps anywhere on Earth. This multi-orbit constellation will consist of optically interconnected satellites in low Earth orbit (LEO) and medium Earth orbit (MEO), providing enterprise-grade connectivity for critical operations worldwide.
The Information Systems Security Engineer is responsible for conducting information system security engineering activities across the TeraWave program lifecycle. This role captures and refines information security requirements and ensures their effective integration into system design, development, and configuration through purposeful security architecting. The ISSE will work as an integral part of the integrated project team, coordinating with systems engineers, software developers, network architects, and program leadership to ensure cybersecurity is built into the constellation from the ground up.
Key Responsibilities
- Design and implement security architectures for space and ground system segments, including satellite bus software, ground station networks, mission operations centers, and communication link infrastructure
- Develop and maintain System Security Plans (SSPs), security architecture documentation, and risk assessment packages
- Integrate cybersecurity monitoring, auditing, and recovery measures across all system segments
- Define security requirements for inter-satellite links, ground-to-space uplinks, and user terminal interfaces
Compliance Framework Implementation
- Implement and maintain controls across multiple concurrent frameworks:
- NIST SP 800-53 Rev 5: Security and privacy control selection, tailoring, and implementation
- ISO/IEC 27001:2022: Information Security Management System (ISMS) requirements, internal audit support, and continuous improvement
- ITAR (22 CFR Part 120-130): Export-controlled technical data protection and access control
Perform cross-framework control mapping and gap analysis to identify implementation efficiencies Support Risk Management Framework (RMF) activities as applicable to program requirements Space Systems Cybersecurity
- Apply cybersecurity principles to flight software, ground software, and communication link security
- Address space-specific threat vectors including signal jamming, spoofing, unauthorized commanding, and supply chain compromise
- Ensure systems are designed to adapt to evolving cybersecurity threats and maintain operational resilience
- Support secure over-the-air (OTA) update capabilities for the satellite constellation
- Evaluate and recommend encryption solutions for data in transit and at rest across all system segments
Assessment & Risk Management
- Conduct security risk assessments and threat modeling for constellation components
- Support security control assessments and ISO 27001 surveillance audits
- Develop and track Plans of Action and Milestones (POA&Ms) for identified vulnerabilities
- Maintain continuous monitoring programs and produce compliance evidence artifacts
Cross-Functional Collaboration
- Coordinate security activities with information security architects, ISSOs, and the Cybersecurity GRC team
- Provide cybersecurity input to systems engineering trade studies, design reviews (SRR, PDR, CDR), and test planning
- Support supply chain risk management activities for constellation hardware and software components
Minimum Qualifications
- Bachelor's degree in Computer Science, Cybersecurity, Systems Engineering, or related technical field
- 8+ years of experience in information systems security engineering, with at least 3 years in space systems, satellite programs, or aerospace
- Demonstrated experience implementing NIST SP 800-53 security controls in operational environments
- Working knowledge of ISO/IEC 27001:2022 ISMS requirements, including internal audit and certification support
- Understanding of space system architectures (ground segment, space segment, link segment, user segment)
- Familiarity with ITAR compliance and handling of export-controlled technical data
- U.S. Citizenship required (ITAR-controlled program)
Preferred Qualifications
- Master's degree in Cybersecurity, Systems Engineering, or related field
- Knowledge of SPARTA (Space Attack Research and Tactic Analysis) threat framework
- Experience with satellite constellation architectures, mesh networking, or inter-satellite links
- Cloud security experience (AWS GovCloud, commercial AWS)
- Familiarity with secure software development practices (DevSecOps) for embedded or flight software
- Experience with RF communications security and link encryption
- Background in network security for distributed ground station architectures
Certifications (one or more preferred)
- CISSP (Certified Information Systems Security Professional)
- CISM (Certified Information Security Manager)
- CompTIA Security+
- ISO 27001 Lead Implementer or Lead Auditor
- CCSP (Certified Cloud Security Professional)
Why This Role Matters
TeraWave represents Blue Origin's entry into global broadband communications via a constellation of over 5,000 satellites. The ISSE will shape the cybersecurity posture of this system from its earliest design phases, ensuring the constellation can withstand adversarial threats while meeting rigorous commercial and government compliance standards. This is a foundational role with direct impact on mission success and program viability.
Compensation Range for:
CA applicants is $264,103.00 - $369,743.85
WA applicants is $264,103.00 - $369,743.85
Other site ranges may differ
Culture Statement
Don't meet all desired requirements? Studies have shown that some people are less likely to apply to jobs unless they meet every single desired qualification. At Blue Origin, we are dedicated to building an authentic workplace, so if you're excited about this role but your past experience doesn't align perfectly with every desired qualification in the job description, we encourage you to apply anyway. You may be just the right candidate for this or other roles.
Export Control Regulations
Applicants for employment at Blue Origin must be a U.S. citizen or national, U.S. permanent resident (i.e. current Green Card holder), or lawfully admitted into the U.S. as a refugee or granted asylum.
Background Check
- Required for all positions: Blue's Standard Background Check
- Required for Certain Job Profiles: Defense Biometric Identification System (DBIDS) background check if at any time the role requires one to be on a military installation
- Required for Certain Job Profiles: Drivers who operate Commercial Motor Vehicles with a Gross Vehicle Weight (GVW), Gross Vehicle Weight Rating (GVWR) or combination of power unit and trailer that meets or exceeds 10,001 lbs. and/or transports placardable amounts of hazardous materials by ground in any vehicle on a public road while in commerce, may be subject to additional Federal Motor Carrier Safety Regulations including: Driver Qualification Files, Medical Certification (obtained before onboarding), Road Test, Hours of Service, Drug and Alcohol Testing (CDL drivers only), vehicle inspection requirements, CDL requirements (if applicable) and hazardous materials transportation/shipping training.
- Required for certain Job Profiles: Ability to obtain and maintain Merchant Mariner Credential, which includes pre-employment and random drug testing as well as DOT physical
Benefits
- Benefits include: Medical, dental, vision, basic and supplemental life insurance, paid parental leave, short and long-term disability, 401(k) with a company match of up to 5%, and an Education Support Program.
- Stock Options for all regular employees (working
Information Systems Security Engineer
At Blue Origin, we envision millions of people living and working in space for the benefit of Earth. We're working to develop reusable, safe, and low-cost space vehicles and systems within a culture of safety, collaboration, and inclusion. Join our team of problem solvers as we add new chapters to the history of spaceflight!
Blue Origin is pioneering the future of space-based communications with TeraWave, a revolutionary satellite communications network designed to deliver symmetrical data speeds of up to 6 Tbps anywhere on Earth. This multi-orbit constellation will consist of optically interconnected satellites in low Earth orbit (LEO) and medium Earth orbit (MEO), providing enterprise-grade connectivity for critical operations worldwide.
The Information Systems Security Engineer is responsible for conducting information system security engineering activities across the TeraWave program lifecycle. This role captures and refines information security requirements and ensures their effective integration into system design, development, and configuration through purposeful security architecting. The ISSE will work as an integral part of the integrated project team, coordinating with systems engineers, software developers, network architects, and program leadership to ensure cybersecurity is built into the constellation from the ground up.
Key Responsibilities
- Design and implement security architectures for space and ground system segments, including satellite bus software, ground station networks, mission operations centers, and communication link infrastructure
- Develop and maintain System Security Plans (SSPs), security architecture documentation, and risk assessment packages
- Integrate cybersecurity monitoring, auditing, and recovery measures across all system segments
- Define security requirements for inter-satellite links, ground-to-space uplinks, and user terminal interfaces
Compliance Framework Implementation
- Implement and maintain controls across multiple concurrent frameworks:
- NIST SP 800-53 Rev 5: Security and privacy control selection, tailoring, and implementation
- ISO/IEC 27001:2022: Information Security Management System (ISMS) requirements, internal audit support, and continuous improvement
- ITAR (22 CFR Part 120-130): Export-controlled technical data protection and access control
Perform cross-framework control mapping and gap analysis to identify implementation efficiencies Support Risk Management Framework (RMF) activities as applicable to program requirements Space Systems Cybersecurity
- Apply cybersecurity principles to flight software, ground software, and communication link security
- Address space-specific threat vectors including signal jamming, spoofing, unauthorized commanding, and supply chain compromise
- Ensure systems are designed to adapt to evolving cybersecurity threats and maintain operational resilience
- Support secure over-the-air (OTA) update capabilities for the satellite constellation
- Evaluate and recommend encryption solutions for data in transit and at rest across all system segments
Assessment & Risk Management
- Conduct security risk assessments and threat modeling for constellation components
- Support security control assessments and ISO 27001 surveillance audits
- Develop and track Plans of Action and Milestones (POA&Ms) for identified vulnerabilities
- Maintain continuous monitoring programs and produce compliance evidence artifacts
Cross-Functional Collaboration
- Coordinate security activities with information security architects, ISSOs, and the Cybersecurity GRC team
- Provide cybersecurity input to systems engineering trade studies, design reviews (SRR, PDR, CDR), and test planning
- Support supply chain risk management activities for constellation hardware and software components
Minimum Qualifications
- Bachelor's degree in Computer Science, Cybersecurity, Systems Engineering, or related technical field
- 8+ years of experience in information systems security engineering, with at least 3 years in space systems, satellite programs, or aerospace
- Demonstrated experience implementing NIST SP 800-53 security controls in operational environments
- Working knowledge of ISO/IEC 27001:2022 ISMS requirements, including internal audit and certification support
- Understanding of space system architectures (ground segment, space segment, link segment, user segment)
- Familiarity with ITAR compliance and handling of export-controlled technical data
- U.S. Citizenship required (ITAR-controlled program)
Preferred Qualifications
- Master's degree in Cybersecurity, Systems Engineering, or related field
- Knowledge of SPARTA (Space Attack Research and Tactic Analysis) threat framework
- Experience with satellite constellation architectures, mesh networking, or inter-satellite links
- Cloud security experience (AWS GovCloud, commercial AWS)
- Familiarity with secure software development practices (DevSecOps) for embedded or flight software
- Experience with RF communications security and link encryption
- Background in network security for distributed ground station architectures
Certifications (one or more preferred)
- CISSP (Certified Information Systems Security Professional)
- CISM (Certified Information Security Manager)
- CompTIA Security+
- ISO 27001 Lead Implementer or Lead Auditor
- CCSP (Certified Cloud Security Professional)
Why This Role Matters
TeraWave represents Blue Origin's entry into global broadband communications via a constellation of over 5,000 satellites. The ISSE will shape the cybersecurity posture of this system from its earliest design phases, ensuring the constellation can withstand adversarial threats while meeting rigorous commercial and government compliance standards. This is a foundational role with direct impact on mission success and program viability.
Compensation Range for:
CA applicants is $264,103.00 - $369,743.85
WA applicants is $264,103.00 - $369,743.85
Other site ranges may differ
Culture Statement
Don't meet all desired requirements? Studies have shown that some people are less likely to apply to jobs unless they meet every single desired qualification. At Blue Origin, we are dedicated to building an authentic workplace, so if you're excited about this role but your past experience doesn't align perfectly with every desired qualification in the job description, we encourage you to apply anyway. You may be just the right candidate for this or other roles.
Export Control Regulations
Applicants for employment at Blue Origin must be a U.S. citizen or national, U.S. permanent resident (i.e. current Green Card holder), or lawfully admitted into the U.S. as a refugee or granted asylum.
Background Check
- Required for all positions: Blue's Standard Background Check
- Required for Certain Job Profiles: Defense Biometric Identification System (DBIDS) background check if at any time the role requires one to be on a military installation
- Required for Certain Job Profiles: Drivers who operate Commercial Motor Vehicles with a Gross Vehicle Weight (GVW), Gross Vehicle Weight Rating (GVWR) or combination of power unit and trailer that meets or exceeds 10,001 lbs. and/or transports placardable amounts of hazardous materials by ground in any vehicle on a public road while in commerce, may be subject to additional Federal Motor Carrier Safety Regulations including: Driver Qualification Files, Medical Certification (obtained before onboarding), Road Test, Hours of Service, Drug and Alcohol Testing (CDL drivers only), vehicle inspection requirements, CDL requirements (if applicable) and hazardous materials transportation/shipping training.
- Required for certain Job Profiles: Ability to obtain and maintain Merchant Mariner Credential, which includes pre-employment and random drug testing as well as DOT physical
Benefits
- Benefits include: Medical, dental, vision, basic and supplemental life insurance, paid parental leave, short and long-term disability, 401(k) with a company match of up to 5%, and an Education Support Program.
- Stock Options for all regular employees (working
