Software Security Engineer (Product Security) (mfd)

Mission Brief

You are the Architect of Secure Code for the next generation of spaceflight. At Isar Aerospace software doesnt just display data; it controls high-pressure propulsion and orbital trajectories. A vulnerability here isnt just a bug its a mission failure.

We are looking for a Software Security Engineer to own the security of our flight and ground software. You will move us from finding bugs to designing secure software. You will integrate security into the heartbeat of our development (CI/CD) ensuring that every line of code is scanned hardened and flight-ready before it ever reaches the launchpad.

This is a hands-on technical role. You will not just write policies; you will build the automated pipelines that stop insecure software from launching.

Your Role in Our Space Mission:

Architect the Secure SDLC (SSDLC)

• Define and implement the Secure by Design framework for our mission-critical flight and ground systems.
• Lead Threat Modeling sessions with engineering teams to identify design flaws before code is written.
• Translate security standards (e.g. NIST Industrial/Safety Standards) into actionable coding requirements for developers.

Build the DevSecOps Pipeline

• Own the AppSec Toolchain: Select configure and manage automated security tools (SAST SCA DAST Secret Scanning) within our CI/CD pipelines.
• Eliminate Security Friction: Tune tools to reduce false positives so developers trust the pipeline.
• Automate the generation of SBOMs (Software Bill of Materials) to track every library and dependency for CRA compliance.

Code Security & Vulnerability Management

• Perform deep-dive security code reviews on critical components (Propulsion Control Telemetry Safety Systems).
• Triage and prioritize vulnerabilities found by automated scanners.
• Act as the Vulnerability Handler for our products: Analyze incoming bug reports determine impact and drive remediation with engineering teams.

Software Regulatory Compliance (CRA)

• Ensure our software meets the strict requirements of the upcoming EU Cyber Resilience Act (CRA).
• Define the technical controls required to meet Essential Entity status for aerospace software.
• Support Product Security Compliance (CRA): Act as the technical lead for our compliance with the EU Cyber Resilience Act (CRA) helping to generate Software Bills of Materials (SBOMs) and ensure our products meet secure-by-design requirements.

Qualification Checklist

• Engineering Background: 5 years in Software Security AppSec or a Senior Developer role with a security focus. You can read and review complex code fluently.
• Pipeline Mechanic: Hands-on experience building CI/CD pipelines and integrating security scanners (e.g. SonarQube Snyk Coverity Semgrep).
• The Hacker Mindset: You understand common software vulnerabilities (Buffer Overflows Injection Race Conditions) and more importantly how to fix them in the codebase.
• Threat Modeling: Experience conducting threat modeling (STRIDE PASTA) and analyzing architectural risk.

Bonus Skills

• Regulatory Experience: Knowledge of SBOM standards (CycloneDX SPDX) or the EU Cyber Resilience Act.
• Industry Context: Experience in aerospace defense high-tech manufacturing or OT/ICS environments.
• Cloud-Native Security: Experience securing containerized (Docker/Kubernetes) and cloud-native application environments.
• Pragmatism and Drive: You are a highly autonomous professional who is passionate about building automating and enabling teams to create world-class secure software.
• A Mission-Critical Mindset: You understand that in our business a software defect doesnt just cause a blue screen it can lead to a Rapid Unscheduled Disassembly (RUD). You thrive in an environment where quality and security are not just goals but a prerequisite for mission success.

Benefits

• Employee Participation Program: Share in our success through our virtual company share program
• 30 days of vacation: Enjoy the days off to relax and recharge
• Company pension plan: Secure your future with our company pension plan featuring a 20% employer contribution after the probation period
• Subsidised lunch: Stay energised with delicious subsidised lunches every day
• Public transport ticket: Commute with ease using a fully financed Deutschlandticket
• Sport Clubs membership: Stay fit with our sponsored sports club memberships (EGYM Wellpass)
• Individual learning allowance: Grow your skills with an individual learning budget granted after the probation period
• Childcare allowance: Receive a childcare allowance for your non-school-age children
• And Much More! Discover additional perks and benefits when you join our team

Who we are

We are Isar Aerospace and we are at the forefront of New Space building a modern space business to enable faster better and cheaper access to space.

Our mission is to help democratise space and use it for good in order to improve life on Earth now and for the future generations.

We are a fast-growing company aiming to provide sustainable and environmentally friendly launch solutions for small and medium-sized satellites and constellations into Low Earth Orbit. The company is privately funded by world-leading technology investors with strong commitment and support and our team is made of driven and talented people with a real passion for space innovation.

Were making rockets in a way that hasnt been done before disrupting a traditional industry. If you are up for the challenge want to work on cutting-edge projects and be part of a team changing the world for better come join us and launch your career!

Want to find out more about us

Visit

Disclaimer

Isar Aerospace SE is an equal-opportunity employer committed to fairness and inclusivity. We do not prioritize any specific religion gender nationality or background. Due to security clearance requirements affiliations with countries listed under 13 para. 1 no. 17 SÜG may affect the application process. All qualified applicants are encouraged to apply.