Corporate Security Lead View
Listed on 2026-07-06
-
IT/Tech
Cybersecurity, Network Security
Northwood is a modern space infrastructure company bringing the benefits of space to the masses through advanced communications technology. We are building a global network of phased array ground stations that enable real-time, reliable communication for satellite missions such as national security, global connectivity, and disaster response. With a vertically integrated approach, Northwood designs, builds, and rapidly deploys scalable systems that power the next generation of space missions.
If you like solving complex challenges and seeing your work deployed around the world with real impact, Northwood is the place to do it.
As Security Engineering Lead, you will design, build, and own the security infrastructure that protects Northwood's ground station network, cloud environments, and corporate systems. This is a senior technical leadership role for an engineer who is equally at home architecting security platforms and mentoring a growing team.
You will lead the buildout of our SIEM and EDR capabilities, own corporate network security infrastructure including firewall management, and drive secure deployments across on-premises environments and AWS Gov Cloud and Microsoft GCC. You will define how Northwood engineers and operates security infrastructure at a scale and sensitivity level that does not exist elsewhere in the commercial space industry. This role reports to the Head of Security.
ResponsibilitiesSIEM & Detection Engineering
- Own the full lifecycle of Northwood's SIEM platform — architecture, log source onboarding across ground stations and cloud infrastructure, correlation rule development, tuning, and automated alerting.
- Build and maintain EDR platform operations, including agent deployment, policy management, alert triage, and integration with SIEM workflows.
- Develop and continuously improve detection content, incident response playbooks, and SOC processes for a distributed, mission-critical environment.
- Integrate security tooling with broader infrastructure through APIs and automation, reducing manual operational burden over time.
- Lead the deployment and ongoing tuning of User and Entity Behavior Analytics (UEBA) capabilities within the SIEM environment, establishing behavioral baselines and refining detection models to surface insider threats and anomalous activity.
- Develop and maintain UEBA use cases, correlation rules, and risk scoring models, working closely with the SOC to ensure alerts are actionable and high-fidelity.
- Analyze UEBA telemetry to identify patterns indicative of insider risk, compromised accounts, or policy violations, and drive remediation in coordination with HR, legal, and security leadership.
- Manage and maintain Forti Gate firewall infrastructure, including policy management, segmentation, firmware lifecycle, and log integration.
- Administer and optimize Cloudflare VPN and Zero Trust Network Access (ZTNA) configurations to support secure remote access and site connectivity.
- Deploy, harden, and maintain security infrastructure across on-premises environments and AWS Gov Cloud and Microsoft GCC, adhering to applicable compliance frameworks.
- Partner with product infrastructure engineers to ensure security is embedded in network and system architecture from the ground up.
- Deploy and manage email security infrastructure, including administration of platforms such as Proofpoint or Sublime Security, policy tuning, threat response, and integration with SIEM workflows.
- Design, implement, and maintain Data Loss Prevention (DLP) policies across endpoint, network, and cloud environments to protect sensitive data in alignment with CMMC and NIST 800-53 control requirements.
- Develop and enforce DLP rules and rulesets across email, web, and SaaS platforms, continuously tuning policies to reduce false positives while maintaining strong data protection coverage.
- Partner with legal, compliance, and IT teams to classify data assets and translate classification requirements into enforceable DLP controls across the enterprise.
- Support Okta administration in coordination with the IT operations team, including SSO…
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).