Sr. Cyber Assurance Analyst
Sr. Cyber Assurance Analyst
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
$ 125000 - 175000
1 Vacancy
Job Description
SpaceX was founded under the belief that a future where humanity is out exploring the stars is fundamentally more exciting than one where we are not. Today SpaceX is actively developing the technologies to make this possible with the ultimate goal ofenabling human life on Mars.
SR. CYBER ASSURANCE ANALYST
Cyber Assurance is the practice of providing confidence that systems products and processes meet security regulatory and compliance obligations. It bridges governance with technical execution validating that controls are in place risks are managed and requirements are met for both internal and customer-facing systems.
As a teammate you will operate within the Information Assurance working closely with engineers to understand systems how controls are implemented be hands-on with collecting and reviewing evidence driving efficiencies and remediation efforts along with providing technical certification support for Starlink products in line with required international standards.
As an ideal candidate you love living at the intersection of security compliance and emerging technology. You thrive on rolling up your sleeves to dig into configs logs and making sense of challenging complex or ambiguous requirements. Youre comfortable explaining security frameworks and security best practices to non-technical teams as you are at grabbing a hash of a file or identifying an insecure default configuration. You are firm when it matters but also flexible to consider alternative ways to move the ball forward. You excel at handling concurrent complex efforts and flourish in an environment where learning never ceases where the breadth of operations ranges from satellites to routing tables and where teams are laser-focused on mission accomplishment -- excitement guaranteed!
RESPONSIBILITIES:
- Lead and support security audits and certification (ISO 27001 NIST PCI etc.) efforts
- Partner with engineers to gather and validate technical evidence (configs code snippets logs system designs etc)
- Support product security certification efforts (e.g. telecom CPE or country-specific regulatory requirements)
- Perform technical security and risk assessments of systems and networks within our environment and identify where they deviate from security policy standards or regulations.
- Identify security control/ compliance gaps advise on remediation and drive timely resolution with engineers.
- Maintain necessary documentation of controls processes and audits.
- Identify and drive assessments and audit efficiency through system integration data utilization and process improvement.
- Support third-party risk management efforts including supplier onboarding and periodic cyber assessments
- Identify and propose business enabling actions by maintaining an up-to-date understanding of emerging trends in information security risks changes in standards and new compliance/assurance techniques and trends.
- Mentor fellow teammates and take an active role in their development
BASIC QUALIFICATIONS:
- High school diploma or equivalency certificate
- 5 years experience (can be concurrent) in cybersecurity compliance audit or technical security roles with strong knowledge in security compliance frameworks (e.g. ISO 27001 NIST PCI-DSS)
- 5 years of experience (can be concurrent) with control testing security standards/policy development security audits or security risk management.
PREFERRED SKILLS AND EXPERIENCE:
- Ability to interpret code/ configurations and analyze system/ network designs for compliance implications.
- Experience with security tooling such as vulnerability scanners SIEMS container security system configuration baseline checks (e.g. CIS Benchmarks STIGs etc.)
- Hands-on experience supporting product-level security testing or certifications (e.g. Consumer Premise Equipment/ CPE devices network equipment)
- Knowledge of other U.S. and international regulatory requirements (e.g. EU NIS2 EU RED UK PTSI GDPR SOX SOC 1/2 etc.)
- Experience evaluating third-party risk communicating with external stakeholders and supporting appropriate mitigations.
- Strong communication skills across all organizational levels and ability to build cross-organizational coalitions.
- Direct experience with external audits regulatory compliance reviews and examinations.
- Project and program management experience tooling integration and delivery in highly fluid environments.
- Processional certifications such as CISA CISM CISSP GSNA ISO 27001 auditor PCI ISA or QSA or equivalent certifications.
ADDITIONAL REQUIREMENTS:
- Must be willing to work extended hours and/or weekends as needed.
- Must be willing to travel (<25%) domestically and internationally in support of audit and other assurance activities.
COMPENSATION AND BENEFITS:
Pay range:
Cyber Assurance/Senior: $125000.00 - $175000.00/per year
Your actual level and base salary will be determined on a case-by-case basis and may vary based on the following considerations: job-related knowledge and skills education and experience.
Base salary is just one part of your total rewards package at SpaceX. You may also be eligible for long-term incentives in the form of company stock stock options or long-term cash awards as well as potential discretionary bonuses and the ability to purchase additional stock at a discount through an Employee Stock Purchase Plan. You will also receive access to comprehensive medical vision and dental coverage access to a 401(k) retirement plan short and long-term disability insurance life insurance paid parental leave and various other discounts and perks. You may also accrue 3 weeks of paid vacation and will be eligible for 10 or more paid holidays per year. Employees in Washington State accrue paid sick time in compliance with state and federal law. Company shuttles are offered to employees for roundtrip travel from select Seattle locations to the SpaceX Redmond office Monday to Friday.
ITAR REQUIREMENTS:
- To conform to U.S. Government export regulations applicant must be a (i) U.S. citizen or national (ii) U.S. lawful permanent resident (aka green card holder) (iii) Refugee under 8 U.S.C. 1157 or (iv) Asylee under 8 U.S.C. 1158 or be eligible to obtain the required authorizations from the U.S. Department of State. Learn more about the ITAR here.
SpaceX is an Equal Opportunity Employer; employment with SpaceX is governed on the basis of merit competence and qualifications and will not be influenced in any manner by race color religion gender national origin/ethnicity veteran status disability status age sexual orientation gender identity marital status mental or physical disability or any other legally protected status.
Applicants wishing to view a copy of SpaceXs Affirmative Action Plan for veterans and individuals with disabilities or applicants requiring reasonable accommodation to the application/interview process should reach out to.
Required Experience:
Senior IC
Employment Type
Full Time
