Senior Detection and Response Engineer

Location

Torrance, CA

Employment Type

Full time

Department

Software

Compensation

• Estimated Base Salary $160K – $220K

Compensation at Northwood Space is based on role, level, location, and alignment with market data. Individual base pay is determined on a case-by-case basis and may vary depending on job-related skills, education, experience, and technical expertise. In addition to base salary, Northwood Space offers long-term incentives such as company stock options and discretionary performance bonuses. Benefits include equity, comprehensive health care, flexible vacation, retirement savings plans, and opportunities for professional development.

About Northwood:

Northwood is a modern space infrastructure company focused on connecting space and Earth. The world runs on space. Space will run on Northwood. Our global ground network ensures that missions ranging from national security, to global connectivity, to disaster response can unlock their full potential and operate every day without fail.

Role:

We're building the internet for space. Help us defend it.

Northwood is deploying a global network of phased array ground stations for mission-critical government and commercial space communications. We need a Senior Detection and Response Engineer to build and operate our security operations center, hunt threats across distributed satellite infrastructure, and lead incident response for systems that can't go down.

Responsibilities

• Lead incident response and forensics - Own security incidents from detection through resolution across globally distributed ground stations and cloud infrastructure. Conduct digital forensics, malware analysis, and coordinate response efforts for incidents impacting national security missions.

• Build and tune detection rules - Develop custom detection logic for SIEM platforms that can identify threats specific to satellite communications and ground station operations. Create behavioral analytics and threat hunting queries for distributed infrastructure.

• Operate 24/7 security monitoring - Monitor security events across AWS multi-cloud environments, Linux-based ground station systems, and satellite communication networks. Triage alerts, investigate suspicious activity, and elevate critical threats.

• Hunt threats across space infrastructure - Proactively search for advanced persistent threats targeting satellite ground stations, RF communications, and space-based assets. Develop threat hunting methodologies for unique attack vectors in space communications.

• Create incident response playbooks - Build runbooks for security incidents specific to satellite ground stations and space communications. Develop escalation procedures and communication protocols for government customers and mission-critical operations.

• Analyze threat intelligence - Research adversary tactics targeting aerospace and defense infrastructure. Integrate threat feeds into detection systems and brief stakeholders on emerging threats to space communications.

• Build security automation - Develop Python/PowerShell scripts for automated incident response, threat hunting workflows, and security orchestration across distributed ground station networks.

Basic Qualifications

• 5+ years of hands-on SOC operations, incident response, or threat hunting experience

• Experience with SIEM platforms (Splunk, Sentinel, Chronicle) including custom rule development and advanced search techniques

• Digital forensics and malware analysis skills with tools like Volatility, YARA, and hex editors

• Proficiency in Python, PowerShell, or similar languages for security automation and threat hunting

• Experience with endpoint security platforms (CrowdStrike, SentinelOne) and network security monitoring

• Strong Linux forensics and log analysis skills across distributed systems

• Knowledge of threat intelligence frameworks (MITRE ATT&CK, Diamond Model) and IOC analysis

• Ability to obtain and maintain TS/SCI clearance

Preferred Qualifications

• Experience with cloud security monitoring in AWS, Azure, or multi-cloud environments

• Background in aerospace, defense, or critical infrastructure security operations

• Experience with threat hunting in air-gapped or highly regulated environments

• Knowledge of RF communications, satellite systems, or space-based asset security

• Certifications such as GCIH, GCFA, GNFA, or similar incident response credentials

• Experience building security orchestration and automated response (SOAR) workflows

• Familiarity with government incident reporting requirements and procedures

Additional Information:

To conform to U.S. Government space technology export regulations, including the International Traffic in Arms Regulations (ITAR) you must be a U.S. citizen, lawful permanent resident of the U.S., protected individual as defined by 8 U.S.C. 1324b(a)(3), or eligible to obtain the required authorizations from the U.S. Department of State.
Northwood is an Equal Opportunity Employer; employment with Northwood is governed on the basis of merit, competence and qualifications and will not be influenced in any manner by race, color, religion, gender, national origin/ethnicity, veteran status, disability status, age, sexual orientation, gender identity, marital status, mental or physical disability or any other legally protected status.

Compensation Range: $160K - $220K

#J-18808-Ljbffr

Location

Torrance, CA

Employment Type

Full time

Department

Software

Compensation

• Estimated Base Salary $160K – $220K

Compensation at Northwood Space is based on role, level, location, and alignment with market data. Individual base pay is determined on a case-by-case basis and may vary depending on job-related skills, education, experience, and technical expertise. In addition to base salary, Northwood Space offers long-term incentives such as company stock options and discretionary performance bonuses. Benefits include equity, comprehensive health care, flexible vacation, retirement savings plans, and opportunities for professional development.

About Northwood:

Northwood is a modern space infrastructure company focused on connecting space and Earth. The world runs on space. Space will run on Northwood. Our global ground network ensures that missions ranging from national security, to global connectivity, to disaster response can unlock their full potential and operate every day without fail.

Role:

We're building the internet for space. Help us defend it.

Northwood is deploying a global network of phased array ground stations for mission-critical government and commercial space communications. We need a Senior Detection and Response Engineer to build and operate our security operations center, hunt threats across distributed satellite infrastructure, and lead incident response for systems that can't go down.

Responsibilities

• Lead incident response and forensics - Own security incidents from detection through resolution across globally distributed ground stations and cloud infrastructure. Conduct digital forensics, malware analysis, and coordinate response efforts for incidents impacting national security missions.

• Build and tune detection rules - Develop custom detection logic for SIEM platforms that can identify threats specific to satellite communications and ground station operations. Create behavioral analytics and threat hunting queries for distributed infrastructure.

• Operate 24/7 security monitoring - Monitor security events across AWS multi-cloud environments, Linux-based ground station systems, and satellite communication networks. Triage alerts, investigate suspicious activity, and elevate critical threats.

• Hunt threats across space infrastructure - Proactively search for advanced persistent threats targeting satellite ground stations, RF communications, and space-based assets. Develop threat hunting methodologies for unique attack vectors in space communications.

• Create incident response playbooks - Build runbooks for security incidents specific to satellite ground stations and space communications. Develop escalation procedures and communication protocols for government customers and mission-critical operations.

• Analyze threat intelligence - Research adversary tactics targeting aerospace and defense infrastructure. Integrate threat feeds into detection systems and brief stakeholders on emerging threats to space communications.

• Build security automation - Develop Python/PowerShell scripts for automated incident response, threat hunting workflows, and security orchestration across distributed ground station networks.

Basic Qualifications

• 5+ years of hands-on SOC operations, incident response, or threat hunting experience

• Experience with SIEM platforms (Splunk, Sentinel, Chronicle) including custom rule development and advanced search techniques

• Digital forensics and malware analysis skills with tools like Volatility, YARA, and hex editors

• Proficiency in Python, PowerShell, or similar languages for security automation and threat hunting

• Experience with endpoint security platforms (CrowdStrike, SentinelOne) and network security monitoring

• Strong Linux forensics and log analysis skills across distributed systems

• Knowledge of threat intelligence frameworks (MITRE ATT&CK, Diamond Model) and IOC analysis

• Ability to obtain and maintain TS/SCI clearance

Preferred Qualifications

• Experience with cloud security monitoring in AWS, Azure, or multi-cloud environments

• Background in aerospace, defense, or critical infrastructure security operations

• Experience with threat hunting in air-gapped or highly regulated environments

• Knowledge of RF communications, satellite systems, or space-based asset security

• Certifications such as GCIH, GCFA, GNFA, or similar incident response credentials

• Experience building security orchestration and automated response (SOAR) workflows

• Familiarity with government incident reporting requirements and procedures

Additional Information:

To conform to U.S. Government space technology export regulations, including the International Traffic in Arms Regulations (ITAR) you must be a U.S. citizen, lawful permanent resident of the U.S., protected individual as defined by 8 U.S.C. 1324b(a)(3), or eligible to obtain the required authorizations from the U.S. Department of State.
Northwood is an Equal Opportunity Employer; employment with Northwood is governed on the basis of merit, competence and qualifications and will not be influenced in any manner by race, color, religion, gender, national origin/ethnicity, veteran status, disability status, age, sexual orientation, gender identity, marital status, mental or physical disability or any other legally protected status.

Compensation Range: $160K - $220K

#J-18808-Ljbffr

• 

• Government Careers

Show more