Infrastructure & Security Engineer in San Diego, California at Firestorm

Who We Are
Firestorm is building the next generation of uncrewed aircraft and the advanced manufacturing systems that deliver them at speed. The Software Integration & Operations department owns the software layer that spans factory floor to cloud — the applications, automation, edge systems, and intelligence that make it possible to iterate product designs, automate advanced manufacturing, and scale production with uncompromising quality and rigor.
As an Infrastructure & Security Engineer, you own the security and compliance envelope around the manufacturing software platform. Your scope is the security architecture of a system that spans commercial cloud, GovCloud, on-premise edge on the factory floor, and eventually air-gapped DoD environments — and the compliance posture that lets Firestorm operate in each of them. Security and compliance are preconditions for shipping, not afterthoughts. You define how identity, secrets, and trust boundaries are architected across the platform; you translate FedRAMP and ITAR controls into operable technical implementations; and you serve as the security authority on architectural decisions and design reviews across the department.
You partner tightly with our cloud infrastructure experts, who owns the cloud runtime the platform operates on, and with our devops engineers who operate shared security tooling at the department level. The boundaries are deliberate — you own how the platform is secured and governed; they own how it runs — and the two concerns must resolve cohesively as the department grows.
What You'll Do

• Own the security architecture of the manufacturing software platform end-to-end: identity, secrets, network segmentation, audit logging, data residency, and the trust boundaries between environments.
• Drive FedRAMP and ITAR readiness — translating compliance controls into concrete, operable technical implementation in partnership with compliance leadership and the DevSecOps team.
• Own the edge-to-cloud trust model and data pipeline security in partnership with the embedded engineering team — how factory-floor systems authenticate, stream data, and maintain security boundaries under disconnection.
• Define and enforce the compliance topology across commercial cloud, GovCloud, on-premise edge, and air-gapped DoD environments — what can talk to what, under what conditions, with what audit trail.
• Serve as the security authority on architectural decisions, design reviews, and incident response across the department when the issue involves the platform's security posture.
• Deliver solutions that harden security without compromising operability every release

Required Qualifications

• Bachelor’s degree in Computer Science, Engineering, or related field (or equivalent practical experience)
• U.S. Citizenship required due to ITAR regulations
• 5+ years of security engineering, cloud security architecture, or infrastructure-security experience with production ownership.
• Strong background in security architecture: IAM, secrets management, network segmentation, audit logging, and boundary enforcement across multi-environment deployments.
• Experience designing or operating systems in a regulated environment — FedRAMP, ITAR, HIPAA, PCI, or similar — with a track record of translating controls into working code and configuration, not just documentation.
• Working proficiency in AWS or Azure and infrastructure-as-code tooling (Terraform or equivalent) — enough to partner effectively with the Cloud Infrastructure Engineer on joint design work, not necessarily to own runtime operations.
• Demonstrated ability to influence architectural decisions across engineering teams through design reviews and written design documents.
• Demonstrated history of holding yourself and your teammates to a high standard, even when it creates discomfort.
• U.S. person status required due to ITAR/EAR constraints on the work.

Preferred Qualifications

• Hands-on experience with AWS GovCloud, Azure Government, or other regulated cloud environments.
• Prior FedRAMP Moderate or High authorization experience.
• Experience with edge-to-cloud security architectures in industrial or manufacturing settings.
• Familiarity with air-gapped deployment models.
• Background that includes both greenfield security architecture and mature-platform hardening.

Work Environment

• Remote (U.S.) with the option to be based at our Headquarters in San Diego, CA. We welcome candidates who are local or open to relocating; relocation assistance is available and may be included in the offer package where appropriate
• Willingness to travel up to 10% domestically for testing and demonstrations

Compensation US Salary Range: $160,000 - $205,000 USD The posted salary range reflects an estimate based on a variety of compensation factors, including but not limited to relevant experience, education, certifications, specialized skills, geographic location, and business needs. Actual compensation may vary, and this range is subject to change as our compensation structure or market conditions evolve. Benefits & Perks Our culture fosters collaboration, respect, and trust, empowering passionate people to do their best work. We offer a competitive salary, comprehensive benefits, and opportunities for career growth. In addition to an opportunity to take part in an innovative, collaborative and fast-growing business with a highly motivated and skilled team, we also take pride in taking care of our employees. Here are just a few ways that we show our appreciation:

• We offer comprehensive medical, dental, and visions plans
• 401(k) Retirement Savings Plan to invest in your long-term retirement goals
• Equity grants for new hires
• Unlimited PTO
• Extremely generous company holiday calendar, including a holiday hiatus in November, & December.
• Generous Parental Leave
• Lifestyle Spending Account
• FSA
• DCFSA
• HSA
• Hospital Indemnity insurance
• Critical Illness insurance
• Accident insurance
• Basic Life/AD&D, short-term and long-term disability insurance, 100% covered by Firestorm. Plus, the option to purchase additional life insurance for you and your family.
• Mental Health Resources: We provide free mental health resources 24/7 including therapy and more. Additional work-life services, such as free legal and financial support, are available to you as well.

Export Control Compliance To conform to U.S. government export control regulations, including the International Traffic in Arms Regulations (ITAR) and Export Administration Regulations (EAR), you must be a U.S. citizen, lawful permanent resident of the U.S., protected individual as defined by 8 U.S.C. 1324b(a)(3), or otherwise eligible to obtain the required authorizations from the U.S. Department of State or U.S. Department of Commerce. Equal Opportunity Statement Firestorm is an equal opportunity employer, committed to creating a diverse and inclusive workplace, and upholding equitable hiring practices. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other characteristic under federal, state, or local law, including those with a criminal history, in a manner consistent with the requirements of applicable state and local laws, including the CA Fair Chance Initiative for Hiring Ordinance. We actively encourage members of recognized minorities, women, Veterans, and those with disabilities to apply, and we work to create a welcoming and supportive environment for all applicants throughout the interview process. Firestorm is committed to fostering an inclusive and accessible work environment. If you require accommodations or assistance during the application process, please don’t hesitate to reach out to us at careers@launchfirestorm.com so we can provide the support you need.

CompensationThe base pay range for this role is $160,000 – $205,000 per year.