About this role
Astranis builds advanced satellites for high orbits, expanding humanity’s reach into the solar system. Today, Astranis satellites provide dedicated, secure networks to highly-sophisticated customers across the globe— large enterprises, sovereign governments, and the US military. With five satellites on orbit and many more set to launch soon, the company is servicing a backlog of more than $1 billion of commercial contracts.
Astranis is the preferred satellite communications partner for buyers with stringent requirements for uptime, data security, network visibility, and customization. Astranis has raised over $750 million from some of the world’s best investors, from Andreessen Horowitz to Blackrock and Fidelity, and employs a team of 450 engineers and entrepreneurs. Astranis designs, builds, and operates its satellites out of its 153,000 sq. ft. headquarters in Northern California, USA.
Senior Product Security Engineer
As a Senior Product Security Engineer, you will help secure both the software and embedded components that power our systems. This hybrid role focuses primarily on product/application security while contributing to embedded security reviews where software and hardware intersect. You will guide secure design, evaluate critical components, and partner closely with engineering teams across the stack to ensure our products are secure by default. This role does not expect deep hardware hacking but requires a broad security mindset to provide expertise where embedded systems and software meet.
Role
- Lead threat modeling, architecture reviews, and design-level risk assessments for both application and embedded system components.
- Conduct secure code reviews for critical modules in Python and C/C++, supporting secure coding practices across all engineering teams.
- Evaluate cryptographic usage, authentication/authorization flows, and protocol security across the stack.
- Identify and prioritize vulnerabilities in software and firmware; partner with developers on remediation and mitigation strategies.
- Participate in security assessments of embedded devices, especially where software interfaces with hardware.
- Provide security input on high-level aspects of secure boot, firmware update integrity, and device identity mechanisms.
- Partner with software, firmware, hardware, and systems teams to implement consistent, secure solutions.
Requirements
- 5+ years of experience in software engineering with a focus on security.
- Strong investigative, analytical problem-solving skills and attention to detail.
- Experience with secure architecture design and threat modeling for complex systems (including both web services and IoT/embedded devices).
- Software development and security expertise in both high-level languages (e.g., Python) and low-level languages (e.g., C, C++).
- Experience with security best practices for web applications (OWASP Top 10) and familiarity with embedded security concepts (e.g., secure boot, JTAG, UART).
- Proven ability in auditing code for security flaws across different technology stacks.
- Strong knowledge of security best practices, applied cryptography, and security frameworks.
- Strong communication skills, with the ability to discuss security with both software and hardware engineers.
- Ability to work collaboratively within a multi-disciplinary team environment.
Base pay is just one component of Astranis’s total rewards package. Your compensation also includes a significant equity package via incentive stock options, high-quality company-subsidized healthcare, disability and life insurance, 401(k) retirement planning, flexible PTO, and free on-site catered meals.
Jobb.ai is an independent skill benchmarking platform. Applications are submitted on the employer's official website.