Security Architect

Why LeoLabs?

At LeoLabs, we’re building the living map of activity in space. Through our proprietary global radar network and AI-enabled analytics platform, we collect millions of measurements daily on more than 25,000 objects in low Earth orbit (LEO). Our radar-powered intelligence protects billions in assets, monitors adversarial behavior, and ensures safe operations for commercial and government missions.

We’re not just building technology, we are redefining global security, safety, and transparency in space. As orbital activity accelerates and threats grow more complex, LeoLabs is a trusted partner for Space Domain Awareness, Space Traffic Management, and Satellite Operations for top-tier space operators and allied defense organizations.

If you're looking to work on mission-critical challenges at the forefront of aerospace, national security, and AI, your impact starts here.

We are seeking an experienced Cybersecurity Architect to design, implement, and mature our enterprise security architecture. This role will be responsible for developing secure technology strategies, evaluating security risks, and ensuring that systems, applications, networks, and cloud environments are designed according to security best practices.

The Cybersecurity Architect, reporting to the Senior Director of Information Security, will work closely with IT, engineering, infrastructure, cloud, compliance, and business teams to embed security into enterprise platforms and technology initiatives. The ideal candidate has deep technical expertise, strong business judgment, and the ability to translate complex security concepts into practical, scalable solutions.

 

Key Responsibilities

• Design and maintain enterprise cybersecurity architecture across cloud, network, identity, application, endpoint, and data security domains. 
• Develop security standards, reference architectures, design patterns, and technical guardrails for enterprise systems. 
• Partner with engineering teams to ensure security is integrated into new and existing technology solutions. 
• Review architecture diagrams, technical designs, and implementation plans to identify security risks and recommend improvements.
• Lead security architecture efforts for cloud platforms such as AWS, Azure, or Google Cloud. 
• Define and support security controls for identity and access management, zero trust, encryption, vulnerability management, endpoint protection, logging, and monitoring.
• Evaluate emerging threats, technologies, and business requirements to recommend appropriate security solutions. 
• Support security risk assessments, threat modeling, and control validation activities.
• Collaborate with Governance, Risk, and Compliance teams to align architecture with regulatory and industry frameworks such as NIST, ISO 27001, CIS, SOC 2, or similar.
• Provide technical guidance during incident response, security investigations, and remediation planning. 
• Assess third-party tools, platforms, and vendors from a security architecture perspective.
• Mentor security engineers, IT teams, and application teams on secure design principles and best practices. 
• Create clear documentation, diagrams, and executive-ready recommendations for technical and non-technical audiences. 

 

Required Qualifications

• Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, Engineering, or a related field, or equivalent practical experience. 
• 7+ years of experience in cybersecurity, infrastructure security, cloud security, security engineering, or enterprise architecture. 
• 3+ years of experience designing security architectures for complex enterprise environments. 
• Strong knowledge of cloud security architecture in AWS, Azure, or Google Cloud.
• Experience with identity and access management, privileged access management, SSO, MFA, and zero trust security models. 
• Strong understanding of network security concepts, including firewalls, segmentation, VPNs, secure remote access, IDS/IPS, and secure DNS. 
• Experience with security tools such as SIEM, EDR/XDR, vulnerability management, CSPM, CNAPP, DLP, WAF, CASB, or SOAR platforms. 
• Familiarity with secure software development practices, DevSecOps, CI/CD security, container security, and API security. 
• Knowledge of encryption, key management, secrets management, and data protection strategies. 
• Ability to conduct threat modeling and risk-based security reviews. 
• Strong written and verbal communication skills, with the ability to influence technical and business stakeholders. 
• Ability to balance security requirements with business priorities and operational realities.

 

Preferred Qualifications

• Professional certifications such as CISSP, CCSP, CISM, SABSA, TOGAF, AWS Security Specialty, Azure Security Engineer, or Google Professional Cloud Security Engineer.
• Experience with regulated environments such as financial services, healthcare, government, SaaS, or critical infrastructure. 
• Experience supporting security architecture for hybrid cloud or multi-cloud environments.
• Knowledge of Kubernetes, containers, microservices, and modern application architectures.
• Experience developing enterprise security roadmaps and maturity models. 
• Familiarity with compliance frameworks such as NIST CSF, NIST 800-53, ISO 27001, SOC 2, FedRAMP, or CIS Controls. 
• Experience presenting security risks and recommendations to executives or senior leadership. 

 

The successful candidate will:

• Improve the organization’s security architecture maturity. 
• Reduce technical security risk across critical systems and platforms. 
• Establish reusable security patterns and standards. 
• Strengthen cloud, identity, network, and application security controls. 
• Enable secure delivery of business and technology initiatives. 
• Build trusted partnerships across security, IT, engineering, and business teams. 

 

Within 1 month, you will:

• Complete onboarding and establish working relationships with Security, IT, cloud, infrastructure, engineering, compliance, and business stakeholders.
• Review the current enterprise security architecture, active initiatives, known risks, major platforms, and existing standards or design review processes.
• Build an initial inventory of priority architecture decisions, open control gaps, technical debt, third-party dependencies, and high-risk systems requiring near-term attention.
• Establish an architecture engagement model, including intake expectations, review cadence, documentation standards, and escalation paths for risk decisions.

 

Within 3 months, you will:

• Deliver a current-state security architecture assessment that identifies critical risks across cloud, identity, network, endpoint, application, logging, and data security domains.
• Create a prioritized 90-day security architecture roadmap with defined project workstreams, owners, dependencies, risk reduction outcomes, and executive-level recommendations.
• Publish or refresh core design standards and reference patterns for cloud security, identity and access, zero trust, encryption, logging, vulnerability management, and secure application delivery.
• Lead security architecture reviews for the highest-priority business and technology initiatives, ensuring risks are documented, decisions are traceable, and remediation actions are assigned.

 

Within 6 months, you will:

• Deliver a target-state enterprise security architecture and supporting implementation backlog for priority modernization initiatives.
• Establish reusable architecture artifacts, including control guardrails, threat models, design patterns, exception handling criteria, architecture decision records, and implementation checklists.
• Partner with IT, engineering, cloud, infrastructure, and compliance teams to move key security initiatives from design into execution, including identity, cloud, network segmentation, telemetry, endpoint, and application security improvements.
• Define measurable architecture program metrics, such as design review coverage, exception aging, control adoption, cloud guardrail coverage, remediation progress, and risk reduction against critical systems.

 

Within 12 months, you will:

• Mature the security architecture function into a repeatable, project-oriented service that is embedded into major technology initiatives and enterprise planning cycles.
• Demonstrably reduce technical security risk across priority systems by driving adoption of approved security patterns, closing critical control gaps, and improving architecture governance.
• Deliver a multi-quarter security architecture roadmap and maturity model that aligns business priorities, compliance requirements, engineering capacity, and long-term security capabilities.
• Create a sustainable operating model for architecture reviews, standards maintenance, exception management, executive reporting, and cross-functional delivery of security modernization projects.

 

Perks and Benefits

• Global workforce: flexible remote/hybrid opportunities
• Work on complex, meaningful missions with real-world impact
• Unlimited paid time off for most roles
• Competitive salary and equity packages
• Comprehensive health, dental, and vision coverage
• Access to the forefront of commercial space operations and defense innovation

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identify, national origin, disability, or status as a protected veteran.