Jobs · Engineering · California

Sr. Cyber Assurance Analyst, Launch

SpaceX · Hawthorne, CA · 3 wk ago
On-siteEngineering$130k–$180k/yrFull-time

Responsibilities

  • Lead and support security audits and certification (NIST 800-171, NIST 800-53, ISO 27001, etc.) efforts.
  • Partner with engineers to gather and validate technical evidence (configs, code snippets, logs, system designs, etc).
  • Perform technical security and risk assessments of systems and networks within our environment and identify where they deviate from security policy, standards or regulations.
  • Identify security control and compliance gaps, advise on remediation, and drive timely resolution with engineers.
  • Maintain necessary documentation of controls, processes and audits.
  • Identify and drive assessments and audit efficiency through system integration, data utilization, and process improvement.
  • Support third-party risk management efforts including supplier onboarding and periodic cyber assessments.
  • Identify and propose business enabling actions by maintaining an up-to-date understanding of emerging trends in information security risks, changes in standards, and new compliance/assurance techniques and trends.
  • Mentor fellow teammates and take an active role in their development.

BASIC QUALIFICATIONS

  • High school diploma or equivalency certificate.
  • 5+ years of experience in cybersecurity compliance, audit or technical security roles with strong knowledge in security compliance frameworks.
  • 5+ years of experience with control testing, security standards/policy development, security audits, or security risk management.

PREFERRED SKILLS AND EXPERIENCE

  • Ability to interpret code/configurations and analyze system/network designs for compliance implications.
  • Experience with security tooling such as vulnerability scanners, SIEMS, container security, system configuration baseline checks (e.g. CIS Benchmarks, STIGs, etc.).
  • Demonstrated experience partnering with and preparing information system owners for internal assessments, facilitating and leading external audits, and driving gaps and findings to closure in a collaborative manner.
  • Strong understanding of security program and control frameworks, assessment methodologies, and practices, i.e. NIST RMF, NIST CSF, ISO-27001, 800-53(a), 800-171(a), CMMC, CNSSI 1253, 800-137, PCI, HIPAA, GDPR, etc.
  • Experience evaluating third-party risk, communicating with external stakeholders, and supporting appropriate mitigations.
  • Strong communication skills across all organizational levels and ability to build cross-organizational coalitions.
  • Direct experience with external audits, regulatory compliance reviews and examinations.
  • Project and program management experience, tooling integration, and delivery in highly fluid environments.
  • Professional certifications such as CISA, CISM, CISSP, GSNA, ISO 27001 auditor, PCI ISA or QSA, or equivalent certifications.

ADDITIONAL REQUIREMENTS

  • Must be willing to travel (
  • Must be willing to work extended hours and/or weekends as needed.
  • This role requires you to be onsite, remote/hybrid work will not be considered.

Similar jobs