Security Operations Engineer

As an end‑to‑end space transportation company, Firefly Aerospace is on a mission to enable our world to launch, land, and operate in space – anywhere, anytime. Our launch vehicles, lunar landers, and orbital vehicles provide government and commercial customers with full mission services from low Earth orbit to the surface of the Moon and beyond. Headquartered in North Austin, Texas, Firefly is looking for passionate, hardworking innovators to join our team and help fuel our successful trajectory into space.

As a Security Operations Engineer I at Firefly Aerospace, you will play a critical role in engineering, maintaining, and optimizing the automation architecture across our cybersecurity ecosystem. This role focuses heavily on workflow automation, scripting, and the deep integration of security tools with enterprise applications. You will operate at the intersection of system design, data science, and cybersecurity, streamlining operations to reduce manual workloads while significantly strengthening our overall security posture.

This position offers the opportunity to build full‑stack solutions and drive efficiency through automation. You will collaborate closely with security leadership, system administrators, and development teams to enhance our monitoring capabilities and ensure strict alignment with critical compliance frameworks.

• Develop, deploy, and maintain robust automation scripts utilizing Python, Bash, and Power Shell to support security infrastructure and compliance workflows.
• Architect integrations between security tools and enterprise applications via REST APIs (GET/POST, OAuth, JSON parsing) to optimize data exchange.
• Design and maintain reusable, automated processes for vulnerability management, patch management, and continuous compliance reporting.
• Manage and maintain version‑controlled codebases utilizing Git and established Dev Ops methodologies.

• Drive the automation of continuous compliance monitoring and evidence gathering for critical frameworks, specifically NIST 800‑171 and CMMC.
• Automate security monitoring, anomaly detection, and rapid response workflows for endpoint activity and network vulnerabilities.
• Execute proof‑of‑concept testing and validation for new security automation methodologies and tooling.
• Maintain rigorous, accurate documentation for all engineered scripts, API integrations, and automation workflows.

• Design and implement full‑stack solutions to aggregate, transform, and visualize complex security data from disparate sources.
• Develop web‑based dashboards and reporting systems to provide continuous visibility into compliance status, vulnerability remediation, and system anomalies.
• Apply data modeling and anomaly detection techniques to proactively identify and mitigate suspicious activities.
• Partner with cross‑functional technical teams to analyze existing workflows and engineer automated security solutions.

• BS or MS degree in Computer Science, Cybersecurity, Data Science, or a related technical discipline.
• Demonstrated proficiency in programming and scripting languages (Python, Bash, Power Shell).
• Experience with containerization (e.g. Docker, Kubernetes)
• Deep understanding of REST API integration, authentication mechanisms, and data parsing.
• Strong foundation in system design, data aggregation, and creating visualization dashboards.
• Experience managing code utilizing version control systems (Git).
• Exceptional analytical problem‑solving skills with a strict focus on operational efficiency.
• Ability to communicate complex technical architectures clearly within a collaborative environment.
• Direct experience automating compliance evidence for NIST 800‑171, CMMC, SOC 2, or ISO 27001.
• Experience applying data science, data modeling, or anomaly detection within a cybersecurity context.
• Hands‑on experience with SIEMs, vulnerability scanners, and endpoint detection and response (EDR) platforms.
• Exposure to cloud security automation (AWS Lambda, Azure Functions) and configuration management (Ansible, Terraform).
• Professional certifications such as CompTIA Security+,…