Sr Staff Security Software Engineer

Overview

Satine Technologies is looking for a Sr Staff Security Software Engineer to own the security engineering function on a mission-critical program. You'll work at the intersection of software development and security architecture - building secure systems, not just reviewing them. This is a technical leadership role for someone who has strong opinions about how security should be integrated into software delivery and can back them up with code.

No government or federal contracting experience required. If you've led security engineering in a product or cloud environment, you have the foundation we need. We'll bring the mission context.

This is a contingent position - employment is subject to contract award and funding. Public Trust eligibility required (US citizenship or LPR).

About the Role

You'll be the security engineering anchor on a software development program. That means threat modeling, secure code review, DevSecOps implementation, and being the person developers come to when they need to know how to do something the right way - not just the person who flags problems after the fact.

At this level, we expect you to shape how the team thinks about security, not just enforce it. You'll own the security architecture, drive compliance tooling into the delivery pipeline, and be a credible technical voice with stakeholders when security trade-offs come up.

What You'll Do

• Own security architecture across a software system - from application layer through infrastructure
• Integrate security into the CI/CD pipeline: SAST, DAST, dependency scanning, secrets management, container security
• Lead threat modeling exercises for new features and system changes
• Perform security code review and set standards for how the team writes secure code
• Drive security compliance from the engineering side - not just documentation, but actual control implementation
• Partner with the SRE team on infrastructure security - network segmentation, IAM, logging and monitoring for security events
• Advise stakeholders on security posture, risk trade-offs, and remediation prioritization

What We're Looking For

Required:

• 10+ years of software engineering with a deep security specialization - you still write code, not just review it
• Strong understanding of secure SDLC and DevSecOps practices at scale
• Experience implementing security tooling in CI/CD pipelines (SAST, DAST, SCA)
• Ability to communicate security risk clearly to non-security stakeholders
• US citizenship or Lawful Permanent Resident status (Public Trust eligibility required)

Paths In - You Might Be a Fit If You:

• Come from an AppSec or product security background at a tech company and want to work on systems where security failures have real-world consequences
• Have been the security lead on an engineering team and want real ownership over architecture, not just compliance paperwork
• Have been doing security engineering work informally - the person everyone asks - and want a role where that's the actual job
• Have a background in offensive security and want to apply that attacker mindset to building better defenses

Helpful but Not Required:

• Familiarity with security or compliance frameworks (NIST 800-53, FedRAMP, SOC 2, ISO 27001, or similar)
• Experience with Kubernetes security (pod security, network policies, secrets management)
• Background in cloud security posture management (CSPM) tools
• CISSP, OSCP, or equivalent credentials (we care more about what you can do)
• Experience with zero trust architecture implementation

About Satine Technologies

Our mission is to protect the institutions that underpin free society from cyber threats. We're a small, mission-driven team that works on problems that matter - from offensive security testing for hospitals and banks to building capabilities for national security missions.

We invest in people who invest in themselves. This isn't a body shop. You'll work with a team that takes pride in technical craft and cares about developing the people who join us.

Benefits

• Health insurance with vision, dental, and HSA
• Life insurance (100% employer-funded)
• 401(k) with 4% match
• Flexible PTO

To all recruitment agencies: Satine Technologies does not accept agency resumes.