Lead, Product and Data Link Security

Lead, Product and Data Link Security

Logos Space is a Low Earth Orbit (LEO) satellite system purpose-built to serve the connectivity needs of the commercial enterprise users and government users. We will help fill an important gap in the market, providing resilient, high-performance satellite-based connectivity services to enterprise and government customers worldwide. Business customers have contracts with agreed-upon performance standards for their broadband, and Logos will build these capabilities into the system from the beginning.

Speed and reliability are the foundation of the system. Logos is designed to extend cloud and data center network connectivity anywhere in the world to fixed, seaborne, and airborne terminals.

Logos is led by a team of highly experienced engineers with proven track records in the networking and satellite industries.

The Network Engineering team at Logos Space is responsible for ensuring the success of our network by providing unique levels of security and authentication in space communications. The framework for this is inherent in the concept of a Layer 2, 2.5, and 3 service that can support full end to end, or customer-provided encryption, isolated flows, and point to point delivery that never utilizes shared infrastructures, such as IP Transit exchanges.

Providing these services, and fully exploiting the benefits of this framework is the fundamental challenge in this position.

This position will be responsible for developing an integrated security architecture across the payload, bus, ground segment and Software Defined Network segments of the Logos architecture, and both managing its implementation, and working with the other implementation teams to ensure if it is fully implemented. Once deployed, the security architecture will need to address emergent threats and continually evolve to meet new ones.

This role is not an advisory one; it is a driver of much of the architecture, and will require overseeing extensive development efforts specific to the security architecture, as well as those included within the other development efforts, such the ground segment and spacecraft systems.

You should be prepared to work and thrive in a fast moving environment where you are comfortable taking vague design ideas and turning them into tangible hardware ready for test and flight. We are seeking engineers who love to solve hard problems!

The full responsibilities include:

• Security Strategy and Architecture:
  Develop and maintain a comprehensive security strategy, architecture, and roadmap tailored to the specific challenges and opportunities presented by a hybrid space and terrestrial network operating at all layers of the network. Specific focuses include:
  • Develop the technical requirements for confidentiality and authentication throughout the Logos system, protecting both customer traffic and Logos control over the network.
  • Develop the product security requirements to ensure that the Logos product is not vulnerable to any form of cyber attack or denial. Continually update these as the threat environment continues to evolve
  • Develop policies, practices, and implement assurance of the security of the Logos supply chain; ensuring no vulnerabilities are introduced by any element of the supply chain
• Threat Modeling and Risk Assessment:
  Conduct thorough threat modeling and risk assessments to identify vulnerabilities and potential attack vectors across all network layers and environments (space, ground infrastructure, and interconnections).
• Security Controls Implementation:
  Lead the design, implementation, and management of security controls, including but not limited to:
  • Network segmentation strategies
  • Intrusion detection and prevention systems (IDS/IPS)
  • Encryption technologies for data in transit and at rest, considering the unique constraints of space-based links.
  • Access control mechanisms, including multi-factor authentication (MFA) and role-based access control (RBAC)
  • Security Information and Event Management (SIEM) system design and integration
  • Vulnerability management programs, including regular scanning and remediation efforts.
• Incident Response:
  Develop and maintain incident response plans and procedures specific to the hybrid network environment, including simulation exercises and post-incident analysis. Lead and coordinate security incident response activities.
• Security Monitoring and Analysis:
  Establish robust security monitoring capabilities to detect and analyze suspicious activity across the network. Develop custom alerts and dashboards to provide actionable insights.
• Compliance and Governance:
  Ensure adherence to relevant security standards, regulations, and compliance frameworks (e.g., NIST, ISO 27001) as they pertain to both terrestrial and potentially space-based operations.
• Collaboration and Communication:
  Collaborate effectively with network engineering, systems engineering, and software development teams to integrate security best practices throughout…