About Aalyria:

Aalyria is a leading technology company that supplies laser communications technology and temporospatial software-defined networking platforms to the aerospace industry. With technology acquired from Google, Aalyria is at the forefront of innovation in satellite and airborne mesh networks, as well as cislunar and deep-space communications. We are revolutionizing the orchestration and management of planetary mesh networks using any radio or optical spectrum, any orbit, and any hardware across land, sea, air, and space.

Role Overview:

Aalyria is looking for a Corporate Engineer Lead to own the systems, tools, and infrastructure that keep our engineering organization running securely and efficiently. You'll be a technical anchor on the Corporate Engineering team, working closely with Security Engineering leadership to build and maintain a corporate environment that meets the demands of a fast-moving startup operating in regulated government and defense markets.

This is a hands-on role with real ownership. You'll be the person who knows how everything fits together and makes sure it stays that way.

Key Responsibilities:

• Own endpoint management across macOS, iOS, and Windows, including MDM configuration profiles, compliance policies, software deployment, and device lifecycle management across all platforms
• Administer and evolve our cloud collaboration and productivity environment: provisioning, group policies, DLP, audit logging, and third-party integrations
• Manage corporate identity infrastructure, user lifecycle, application integrations, MFA policies, Workflows automation, and SSO federation with partner systems; identity is the backbone of our access model and you'll be expected to go deep
• Design and enforce Zero Trust access controls across corporate infrastructure, integrating device compliance signals from MDM, identity assurance from our IdP, and network-layer controls to ensure least-privilege access at every layer
• Support and maintain cloud corporate infrastructure including identity-aware access proxies, VPC networking, and internal tooling
• Own corporate networking infrastructure such as firewalls, switches, access points, VLANs, VPN, and DNS/DHCP, ensuring reliable, segmented, and secure connectivity across office and remote environments
• Manage and maintain office hardware, AV, and conferencing systems, including lifecycle tracking, procurement coordination, and hands-on troubleshooting
• Administer and support engineering-specific tooling, including PDM/PLM platforms and similar design and product lifecycle tools, ensuring reliable access, license management, integration with corporate identity, and appropriate data handling controls for CUI-adjacent environments
• Integrate and maintain endpoint protection and security tooling at the corporate endpoint and identity layer
• Contribute to CMMC Level 2 and FedRAMP High compliance efforts, implementing and evidencing controls that fall within the corporate IT boundary (access control, configuration management, audit logging, media protection)
• Manage and continuously improve the IT helpdesk function, setting response standards, escalation paths, and self-service tooling for the organization
• Partner with Security Engineering to develop and enforce policies around CUI handling, device compliance, and user access on corporate systems
• Build and maintain automation across corporate systems, scripting provisioning workflows, enforcing configuration baselines, and reducing manual toil through repeatable, code-driven processes
• Drive infrastructure-as-code practices across corporate tooling for consistency and audit-ability

Required Qualifications:

• 5+ years in a corporate engineering, IT engineering, or systems engineering role at a technology company
• Deep experience with MDM platforms across macOS, iOS, and Windows, configuration profiles, compliance policies, certificate management, and multi-platform co-management
• Strong working knowledge of enterprise identity providers such as user lifecycle management, application SSO, group rules, workflow automation, and MFA configuration
• Demonstrated experience implementing Zero Trust architecture in a corporate environment, device posture enforcement, identity-aware access proxies, network segmentation, and least-privilege access across users, devices, and workloads
• Proficiency administering a cloud collaboration suite at scale (Google Workspace, Microsoft 365, or equivalent)
• Hands-on experience with cloud infrastructure platforms like IAM, VPC, identity-aware proxies, and cloud logging
• Solid networking fundamentals in VLAN design, firewall rule management, wireless infrastructure, and network segmentation in a corporate environment
• Experience supporting engineering tooling such as PDM/PLM platforms including administration, access control, and storage backend management
• Familiarity with security frameworks CMMC, FedRAMP, NIST 800-171, or CIS Benchmarks and what it means to implement and evidence controls in a corporate IT environment
• Strong scripting and automation ability in Bash, Python, or similar along with a track record of replacing manual processes with repeatable, maintainable tooling
• A bias toward documentation, repeatability, and getting things done without cutting corners

Preferred Qualifications:

• Experience supporting government or defense customers under ITAR, CMMC, or FedRAMP constraints
• Familiarity with EDR platform administration
• Experience managing supervised mobile device fleets
• Exposure to source control administration or CI/CD pipeline tooling

What We Offer:

• Innovative Environment: Work at a cutting-edge company shaping the future of aerospace communications.
• Impactful Work: Directly contribute to critical national security programs and initiatives.
• Growth Opportunities: Expand your career with opportunities for professional development and advancement.
• Inclusive Culture: Be part of a collaborative, supportive, and inclusive workplace where your contributions matter.
• Flexibility: Flexible working arrangements including hybrid remote/in-office schedules.
• Compensation and Equity: Competitive salary, comprehensive benefits (401(k), dental, vision, health, life insurance), paid time off, and equity options.

ITAR/EAR Requirements:

This position involves access to export-controlled information. To comply with U.S. government export regulations, applicants must meet one of the following criteria:

(A) Qualify as a U.S. person, which includes:

• U.S. citizen or national
• U.S. lawful permanent resident (green card holder)
• Refugee under 8 U.S.C. 1157
• Asylee under 8 U.S.C. 1158

(B) Be eligible to access export-controlled information without requiring an export authorization.

(C) Be eligible and reasonably likely to obtain the necessary export authorization from the appropriate U.S. government agency.

The company reserves the right to decline pursuing an export licensing process for legitimate business-related reasons.

Equal Opportunity Employer Statement:

Aalyria is an Equal Opportunity Employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. We do not discriminate based on race, color, religion, sex (including pregnancy, gender identity, and sexual orientation), national origin, age, disability status, genetic information, protected veteran status, or any other characteristic protected by law. Qualified applicants from all backgrounds are encouraged to apply.