Principal Cloud Security Engineer

ABOUT ROCKET LAB

Rocket Lab is an end-to-end space company delivering responsive launch services complete spacecraft design and manufacturing payloads satellite components and more all with the goal of opening access space. The rockets and satellites we build and launch enable some of the most ambitious and vital space missions globally supporting scientific exploration Earth observation and missions to combat climate change national security and exciting new technology demonstrations.

Our Electron rockethas become the second most frequently launched U.S. rocket annually and has delivered more than 230 satellites to orbit all while we work to develop Neutron our upcoming medium-lift reusable launch vehicle for larger constellation deployment. Our Space Systems business designs and builds our extensive line of satellites payloads and their components including spacecraft that have been selected to support NASA missions to the Moon and Mars and components used on the James Webb Space Telescope.

IT

Rocket Labs IT team is responsible for how our global teams access information and run operations across our computer systems networks and devices. Our hardworking IT team is a group of flexible problem-solvers working in a fast-paced environment but who also thrive under the challenge of supporting all of our proprietary systems and people from finance to launch operations.

PRINCIPAL CLOUD SECURITY ENGINEER

Based out of Rocket Labs Conant office in Long Beach CA the Principal Cloud Security Engineer must demonstrate a firm grasp of cloud-first automated API-driven security and statistical risk concepts and communication. They will work on securing all facets of Rocket Labs cloud presence: the wide array of vendor services code pipelines deploying into prod and non-prod environments and automation performing an assortment of business-critical operations. They will provide analyses including quantifiable statistical information regarding IT and Cybersecurity risk to business partners with fiduciary responsibility. They will support the IT organization to develop a secure reliable and fiercely efficient platform to empower the Rocket Labs objectives as a rapidly growing multinational space company.

WHAT YOULL GET TO DO:

• Design implement and maintain security controls for hybrid cloud-based environments including infrastructure as a service (IaaS) platform as a service (PaaS) software as a service (SaaS) and function as a service (FaaS) solutions.
• Design and develop custom automation in pursuit of cyber team objectives.
• Provide security support for internal and external design reviews related to security.
• Conduct security assessments and risk analyses to identify vulnerabilities and develop mitigation strategies for automated infrastructure such as public cloud CI/CD pipelines and agentic systems.
• Work with Infrastructure Operations to Implement and manage identity and access management (IAM) solutions to control access to cloud resources and applications.
• Develop documentation plans and proofs of concept for cybersecurity-related platform improvements.
• Configure and monitor cloud security tools and services.
• Collaborate with development teams to integrate security best practices into the software development lifecycle (SDLC) DevOps and MLOps processes.
• Maintain systems to help the team stay up-to-date on emerging threats vulnerabilities and industry best practices related to DevSecOps/MLOps and recommend proactive measures to enhance security posture.
• Provide guidance and support to internal teams on security-related matters including incident response compliance and security awareness training.
• Participate in regular security audits assessments and compliance reviews to ensure adherence to regulatory requirements and industry standards.

YOULL BRING THESE QUALIFICATIONS

• Bachelors degree in computer science or cybersecurity or equivalent career experience
• 12 years experience with scripting languages such as bash powershell or python
• 12 years experience with configuration management / infrastructure as code such as CFengine Puppet Ansible Cloudformation Terraform
• Extensive experience with git-driven version control such as Github GitLab Bitbucket Phorge etc.
• Extensive experience in ticketing systems such as Jira ServiceNow
• Experience working under ITIL/Change Review systems
• Experience with VMDBs like Brinqa or Tenable
• Experience working under US Government compliance regimes (HIPAA CCTT NIST DISA STIG etc.)
• Proven experience in cloud security architecture design and implementation with expertise in major cloud platforms such as AWS Azure or Google Cloud Platform
• Strong understanding of networking concepts encryption techniques and secure communication protocols
• Extensive experience reading network traffic captures and packet dumps core dumps and system logs
• Extensive experience with CLI scanning tools like Trivy ClamAV Trufflehog OpenSCAP and Grype
• Hands-on experience with cloud security tools and services such as AWS Security Hub Azure Security Center or Google Cloud Security Command Center
• Experience with vendor-agnostic assessment engines like Cloud Custodian Panther or PowerPipe
• Experience with databases like postgresql sqlite and data formats like parquet and arrow
• Experience with analytics systems like PowerBI or Jupyter

THESE QUALIFICATIONS WOULD BE NICE TO HAVE:

• Advanced degree in computer science compliance or law
• Involvement with community cybersecurity organizations
• Experience with the following:
  • Compiled languages like C rust or golang
  • Significant outage / incident management
  • AWS GovCloud / Azure GCC High
  • Wireshark/tcpdump
  • CI/CD pipeline security
  • Tier 2 cloud vendors
  • Hybrid cloud engineering
  • SAST and DAST testing
  • Secrets management / vaults / HSMs
  • Vulnerability research / pentests / red teaming
  • Organizing CTFs
  • Cloud incident response / forensics
  • Log aggregators like Graylog ELK or Splunk
  • Security bot development

ADDITIONAL REQUIREMENTS:

• Specific vision abilities required by this job include close vision distance vision peripheral vision depth perception and the ability to focus.
• Regularly required to sit use hands and fingers operate computer keyboard and controls and communicate verbally and in writing.
• Must be physically able to commute to buildings.
• Occasional exposure to dust fumes and moderate levels of noise.

WHAT TO EXPECT

Were on a mission to unlock the potential of space to improve life on Earth but thats not an easy task. It takes hard work determination relentless innovation teamwork grit and an unwavering commitment to achieving what others often deem impossible. Our people out-think out-work and out-pace. We pride ourselves on having each others backs checking our egos at the door and rolling up our sleeves on all tasks big and small. We thrive under pressure work to tight deadlines and our focus is always on how we can deliver rather than dwelling on the challenges that stand in the way.

Important information:

FOR CANDIDATES SEEKING TO WORK IN US OFFICES ONLY:

To conform to U.S. Government space technology export regulations including the International Traffic in Arms Regulations (ITAR) Rocket Lab Employees must be a U.S. citizen lawful U.S. permanent resident (i.e. current Green Card holder) or lawfully admitted into the U.S. as a refugee or granted asylum or be eligible to obtain the required authorizations from the U.S. Department of State and/or the U.S. Department of Commerce as applicable. Learn more about ITAR here.

Rocket Lab provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race color religion age sex national origin disability status genetics protected veteran status sexual orientation gender identity or expression or any other characteristic protected by federal state or local laws. This policy applies to all terms and conditions of employment at Rocket Lab including recruiting hiring placement promotion termination layoff recall transfer leaves of absence compensation and training.

Applicants requiring a reasonable accommodation for the application/interview process for a job in the United States should contact Giulia Johnson at This dedicated resource is intended solely to assist job seekers with disabilities whose disability prevents them from being able to apply/interview. Only messages left for this purpose will be considered. A response to your request may take up to two business days.

FOR CANDIDATES SEEKING TO WORK IN NEW ZEALAND OFFICES ONLY:

For security reasons background checks will be undertaken prior to any employment offers being made to an applicant. These checks will include nationality checks as it is a requirement of this position that you be eligible to access equipment and data regulated by the United States International Traffic in Arms Regulations.

Under these Regulations you may be ineligible for this role if you do not hold citizenship of Australia Japan New Zealand Switzerland the European Union or a country that is part of NATO or if you hold ineligible dual citizenship or nationality. For more information on these Regulations click hereITAR Regulations.