Cybersecurity Analyst

About Varda

Low Earth orbit is open for business. Varda is accelerating the development of commercial space infrastructure from in-orbit pharmaceutical processing to reliable and economical reentry capsules.

From life-saving pharmaceuticals to more powerful fiber optics there is a world of products used on Earth today that can only be manufactured in space. Varda is accelerating innovation in the orbital economy by creating both the products and infrastructure needed so space can directly benefit life on Earth. Our mission is to expand the economic bounds of humankind.

Our team is uniquely suited to accomplishing this goal with leadership and staff comprised of veterans from SpaceX Blue Origin major pharmaceutical companies and Silicon Valley. Varda was founded in January 2021 by Will Bruey and Delian Asparouhov with significant backing from world class investors including Khosla Ventures Lux Capital Founders Fund Caffeinated Capital General Catalyst and Also Capital.

Varda is headquartered in El Segundo California where we have offices and a production facility where our vehicles equipment and materials are built integrated and tested. Varda also has offices in Washington DC and Huntsville AL.

Join Varda and work to create a bustling in-space ecosystem.

Cybersecurity Analyst

InfoSecOrganization Reports toCISO On-site

About the Role

We are hiring a Cybersecurity Analyst to own our day-to-day security monitoring function and produce the evidencerequiredto achieve andmaintainour cybersecurity certification. This role is the operational core of ourcybersecurity organization responsible for managing alert triage across ourcybersecurity tool stack coordinating with our managedSOCpartner documenting security events and keeping our monitoring and incident response activities continuously evidenced and ready for review.

This is a hands-on high-accountability role reporting directly to the CISO. You will work closely with our InfoSec Engineer Compliance Program Manager and our managed security operations partner. You will help set up and monitor our security tool stack which spans endpoint protection network detection secure web access application control and identity management. You establish the monitoring cadence that keeps our security posture visible and our compliance evidence current.

The Immediate Mission

You will be assisting in getting the organization assessment ready:

• Take ownership of daily alert triage across our security tool stack reviewing and dispositioning alerts before they age without review
• Serve as the internal liaison to our managed SOC partner receiving their monitoring reports validating their outputs and integrating their work into our compliance evidence.
• Build and maintain the incident log ensuring every security event is captured classified and closed with supporting documentation.
• Produce audit log evidence demonstrating that our systems are monitored logs are retained and events are reviewed on a consistent schedule.
• Deliver regular monitoring reports to our compliance tracking platform ensuring up-to-date evidence flows into our central repository.
• Coordinate with the Compliance Program Manager to ensure monitoring and incident response evidence is organized and ready for assessor review.

WhatYoullOwn

Security Monitoring and Alert Triage

• Own daily triage of alerts from our network detection platform and other security tools reviewing classifying escalating and documenting dispositions.
• Serve as the primary internal point of contact for our managed security operations partner receiving daily and weekly alert summaries validating completeness and tracking open items to closure.
• Maintain the security event log a running record of alerts dispositions escalations and outcomes that serve as core compliance evidence
• Identify patterns in alert data and surface recurring issues to the InfoSec Engineer for remediation.
• Ensure continuous monitoring coverage is documented and demonstrable a direct requirement of the cybersecurity framework we are certifying against

Incident Response Documentation

• Own the incident log documenting every security event from detection through closure including timeline classification containment actions and resolution.
• Coordinate with our managed security operations partner on incident triage escalation and post-incident reporting ensuring their outputs are captured and integrated into our internal records.
• Maintain the Incident Response Plan as a living document updating it based on lessons learned and ensuring it reflects actual operational procedures.
• Produce incident response evidence for our compliance assessment including incident logs escalation records containment documentation and post-incident reviews.
• Support the Compliance Program Manager in mapping incident documentation to the applicable compliance controls.

Log Management and Audit Evidence

• Pull and organize log samples from our endpoint protection network security web access application control and identity management platforms demonstrating that logging is active and coverage is comprehensive.
• Document log configuration including retention settings coverage scope and alert thresholds as evidence that our monitoring posture meets compliance requirements
• Produce regular monitoring reports to our compliance tracking platform ensuring the system reflects the current operational status
• Coordinate with the InfoSec Engineer to ensure logging is enabled and configured correctly across all systems in scope.
• Maintain organized evidence packages including log samples triage records and monitoring reports ready for assessor review.

ManagedSOCCoordination

• Serve as the day-to-day operational liaison to our managed security operations partner tracking deliverables validating report quality and escalating gaps to the CISO.
• Ensure monitoring outputs from our security partner are received on schedule and integrated into internal compliance records.
• Own the deliverable log tracking what has been received what is outstanding and what has been incorporated into evidence packages.
• Coordinate with the Compliance Program Manager to ensure third-party security operations outputs satisfy our compliance requirements.

Continuous Monitoring and Compliance Platform

• Maintain our compliance tracking platform as the operational source of truth formonitoringevidence uploading reports log reviews and control status updates on a regular cadence
• Support the Compliance Program Manager inmaintainingcontinuous compliance readiness after certification
• Flag gaps in monitoring coverage log retention or incident documentation to the CISO and Compliance Program Manager
• Participate in periodic control effectiveness reviews providing operational data and evidence to support ongoing assessments

Basic Qualifications

• 3 or more years in cybersecurity operations SOC analyst or cybersecurity monitoring role
• Hands-on experience with endpoint protection network detection or security event management platforms in an operational capacity including reviewing alerts triaging events and documenting outcomes
• Demonstrated ability to write andmaintainincident response documentation such as incident logs incident reports and post-incident reviews
• Experience working with or alongside a managed security operations provider receiving their output and integrating it into internal security operations
• Familiarity with audit logging requirements and log review processes including an understanding of what logging coverage means and how todemonstrateit
• Organized detail-oriented and able tomaintaindocumentation quality under day-to-day operational pressure
• Comfortable working in a lean security organization where you own your domain independently

Preferred Qualifications

• Direct experience supporting a formal cybersecurity compliance effort with an understanding of how operational security outputs map to compliance evidence

Our current security tool stack and the experience we are looking for:

• Endpoint protection and detection we use CrowdStrike
• Network detection and response we use Darktrace
• Secure web gateway and network security we use Zscaler
• Application allows listing and execution control we useThreatLocker
• Identity and access management event monitoring we use Okta
• Compliance tracking and evidence management we use Vanta
• Relevant certifications are a plus but notrequired. We recognize SecurityCySA GCIA GCIH and CISA as strong signals for this role. Candidates working toward or eligible for CISSP are equally welcome.
• Familiarity with compliance-driven security environments where day-to-day monitoring and incident documentation are part of a larger audit and certification process is a plus but not required.
• Familiarity with security information and event management platforms such as Splunk Microsoft Sentinel or Chronicle relevant as we continue to build out our log aggregation capabilities
• Abachelors degree in computer science Information Technology Cybersecurity or a related field is a plus. Equivalent hands-on experience military cybersecurity training or industry certifications are equally considered.

Compensation

• Cybersecurity Analyst: $110000 - $140000
• Leveling and base salary are determined by job-related skills education level experience level and job
• performance
• You will be eligible for long-term incentives in the form of stock options and/or long-term cash awards
• Offer compensation also includes the ability to purchase company stock through the Employee Stock Purchase Plan

• Varda like all employers must ensure that its employees working in the United States are lawfully authorized to work in the U.S. Additionally our employees are exposed to and have access to certain export-controlled items. At present some of our technology to which employees have access requires a license to be exported to individuals other than U.S. Persons as defined in U.S. export regulations. Because our employees are provided access to export-controlled items our current policy is to only hire U.S. persons who are permitted to have access to our technology without an export license.

  US person means: U.S. citizen U.S. lawful permanent resident or protected individual as defined by 8 U.S.C. 1324b(a)(3) (i.e. individual admitted to the U.S. as a refugee or granted asylum in the U.S.)

  Learn more about the ITAR here.

Benefits