Cyber Security Product Risk Manager (Space Systems)

About SET Development

SET Development is a specialized engineering services firm supporting advanced aerospace and defense programs. Our teams embed directly with clients to solve complex technical challenges across spacecraft systems, avionics, flight software, communications, and mission operations.

We focus on delivering high-impact expertise while building long-term capability within our client organizations.

Position Overview

SET Development is seeking a Cyber Security Product Risk Manager to support the security and resilience of space-based systems, including spacecraft and associated hardware.

This role sits at the intersection of cybersecurity, space systems engineering, and compliance , ensuring that cyber risks are identified, assessed, and mitigated across the full product lifecycle—from architecture through operations.

You will act as a key cybersecurity authority within a multidisciplinary engineering environment, driving RMF implementation, hardware-level security analysis, and compliance execution .

Key Responsibilities

Cybersecurity & Technical Execution

• Lead cybersecurity strategy and risk management across spacecraft systems and embedded hardware
• Develop methodologies to detect and analyze hardware-level vulnerabilities (e.g., PCB analysis, debug port identification)
• Perform firmware extraction, reverse engineering, and exploit analysis
• Support secure architecture development, including secure boot and space bus systems
• Ensure cybersecurity requirements are embedded across the full lifecycle (design → test → operations)

RMF & Compliance

• Architect and execute Risk Management Framework (RMF) implementation
• Develop and maintain:
  • System Security Plans (SSP)
  • Risk Assessment Reports
  • Security Controls Traceability Matrices (SCTM)
  • Plans of Action & Milestones (POA&Ms)
• Apply NIST 800-53 controls (CNSSI-1253 context) to space systems
• Support cybersecurity assessment events with ISSOs, ISSMs, and engineering teams

Cross-Functional Leadership

• Act as the cybersecurity lead within integrated space engineering teams
• Coordinate across Cyber, Systems Engineering, Compliance, and Legal
• Drive prioritization across multiple product initiatives and workstreams
• Serve as escalation point for cybersecurity risks and issues

Stakeholder & Program Engagement

• Provide regular updates to senior leadership and program stakeholders
• Collaborate with suppliers and partners on secure product development
• Engage with government stakeholders and industry partners on cybersecurity strategy
• Incorporate customer feedback into product and security improvements

Required Qualifications

Education

• Bachelor’s degree in Cybersecurity, Electrical Engineering, Aerospace Engineering, or related STEM field OR equivalent experience

Experience

• 5+ years of cybersecurity experience in aerospace, defense, or embedded systems environments
• Strong experience implementing RMF in complex systems
• Hands-on experience with hardware or firmware security
• Familiarity with:
  • NIST 800-53 / CNSSI-1253
  • DevSecOps practices
• 5+ years of program or project leadership experience, including:
  • Leading complex, multi-team initiatives
  • Delivering systems or products with measurable impact

Preferred Qualifications (Where People Usually Fall Short)

• Direct experience with spacecraft systems or satellite architectures
• Experience securing onboard computers / flight software
• Background in offensive security (exploit development, reverse engineering)
• Experience supporting ATO / cybersecurity accreditation processes
• Familiarity with supply chain cybersecurity risks in aerospace

Core Competencies

• Strong systems-level thinking (not just checklist compliance)
• Ability to operate in ambiguous, fast-moving environments
• Comfortable pushing back on engineering teams when risk is real
• High ownership mentality—this is not a “support” role

Why This Role Matters

Most programs treat cybersecurity as documentation. This role exists to prevent that failure mode.

You will directly influence how secure space systems are designed, built, and deployed—not just how they’re audited.