Job Board
LogoLogo
Application Tracker
Get Daily Notifications
New

Get Jobs Tailored to Your Resume

Filtr uses AI to scan 1000+ jobs and finds postings that perfectly matches your resume

Spire Logo

Software Engineer, Product Security

Spire

$171,000 - $202,500
Dec 5, 2025
Boulder, CO, US
Apply Now

Spire is looking to shift security left in their development processes by implementing automated security controls and ensuring compliance with security standards like NIST 800-171/CMMC.

Requirements

  • Proficiency in container security (Docker/Kubernetes), security tools (e.g., Trivy, Snyk, Falco, OPA), and programming languages for tooling (Python, Rust).
  • Understanding of modern attacks and defenses.
  • Knowledge of common threats (e.g., injection, lateral movement), controls (NIST 800-53 mappings), DevSecOps practices, SBOMs, zero-trust principles, and SIEM-integrated logging.
  • Experience with secure cloud systems (AWS), CI/CD security, and compliance efforts (e.g., NIST, CMMC, or FedRAMp).
  • Familiarity with AWS security services (e.g., GuardDuty, Security Hub, Config) and IaC tools (Terraform).
  • Experience with embedded or satellite security (e.g., secure boot, over-the-air updates).
  • Contributions to open-source security projects.

Responsibilities

  • Assist in integrating security automation into pipelines (e.g., GitHub Actions/ArgoCD for SAST/DAST/SCA, SBOM generation, and vulnerability scanning).
  • Contribute to evolving standard libraries/infra for authn/authz, logging, and other runtime security features, including testing and updates.
  • Hands-on support for implementing controls (e.g., encryption, secure configurations, monitoring) to meet/exceed CMMC Level 2 requirements in AC, IA, SC, and SI families, building on our ISO 27001 foundation.
  • Participate in security architecture reviews, code audits, and threat modeling; help identify and remediate issues like API vulnerabilities or supply chain risks.
  • Engage in code reviews, pair programming sessions, and tooling development to advance secure practices; provide peer support within the security engineering team.
  • Embedding automated controls such as SBOMs and vulnerability scanning into CI/CD pipelines
  • Maintaining and updating our internal shared libraries and infrastructure for authentication, authorization, and logging

Other

  • 5+ years in software or security engineering, with at least 3+ years in security-focused roles.
  • Ability to collaborate constructively with internal teams and contribute to external security discussions as needed.
  • Proven ability to work in small, agile teams and learn from senior mentors.
  • Experience in regulated industries (defense/aerospace); clearance for sensitive data handling.
  • Work a minimum of three days per week in the office.