Information Systems Security Manager – ISSM

🕒 Abril 20

🏄 California – Remoto

🏄 California – Remote

💵 $115.000 - $125.000 / ano

⏰ Tempo Integral

🟡 Pleno

🟠 Sênior

👮‍♂️ Cibersegurança / Engenheiro de Segurança

Candidatar-se

Encontrar Vagas Remotas Similares

Receber Emails de Vagas Remotas

📊 Verifique sua pontuação de currículo para esta vaga

Melhore suas chances de conseguir uma entrevista verificando sua pontuação de currículo antes de se candidatar.

Enviar Currículo

Oklo Inc

SiteLinkedInTodas as Vagas

51 - 200 funcionários

Fundada em 2013

⚡ Energia

💰 Venture Round em 2021-11

Energy • Technology

Oklo Inc. é uma empresa de tecnologia em energia focada no projeto e na implantação de usinas avançadas de fissão. Sua abordagem inovadora utiliza reações de fissão nuclear, semelhantes às das usinas nucleares existentes, porém otimizadas para ampliar a segurança e a eficiência. A tecnologia da Oklo pode utilizar resíduos nucleares como combustível, oferecendo uma solução de energia limpa, confiável e acessível. A missão da empresa é aproveitar a fissão nuclear para fornecer energia sustentável, ao mesmo tempo em que aborda questões de desperdício de energia.

Descrição

• Serve as the primary authority for the security posture of Oklo’s information systems. • Implement, maintain, and continuously improve information system security controls in alignment with NIST 800-53 and NIST 800-171. • Ensure security requirements are embedded into system design, configuration, and operations across on-premises and cloud environments. • Implement, assess, and remediate system configurations against security baselines and hardening standards, including DISA STIGs and CIS Benchmarks, ensuring secure and compliant system configurations across servers, endpoints, and cloud resources. • Partner with IT and engineering teams to ensure secure architectures, access controls, encryption, and monitoring. • Oversee system-level security monitoring, logging, and alerting to detect and respond to security events. • Lead incident response activities, including investigation, containment, remediation, and post-incident reviews. • Coordinate vulnerability management activities, including scanning, remediation tracking, and validation. • Ensure timely application of security patches and configuration hardening across systems and platforms. • Own execution of security compliance activities related to various standards and contract requirements such as SOX, NIST and CMMC. • Build, Create and Maintain System Security Plans (SSPs), policies, procedures, and supporting security artifacts. • Conduct system risk assessments and track risks through mitigation, acceptance, or remediation. • Support internal and external audits and assessments, ensuring evidence readiness and corrective action tracking. • Enforce controls related to export-controlled data (DOE ECI), including access restrictions, segmentation, and secure data handling. • Develop, maintain, and enforce information security policies, standards, and procedures. • Ensure security documentation is accurate, current, and aligned with operational reality. • Provide clear, actionable guidance to system owners and users regarding security responsibilities and expectations. • Act as a trusted advisor to the Senior Manager of IT and Cyber on system security risks, gaps, and improvement opportunities • Partner with engineering, operations, and compliance teams to balance security, usability, and innovation • Communicate security risks, decisions, and requirements effectively to both technical and non-technical stakeholders

🎯 Requisitos

• 6+ years of experience in information security or cybersecurity, with 3+ years in a system security, security engineering, or compliance-focused role. • Proven experience applying, remediating, and maintaining compliance with security configuration frameworks such as DISA STIGs and CIS Benchmarks. • Proven operational experience securing and maintaining systems across Linux, macOS, and Windows environments, with Linux as the primary operating system. • Demonstrated experience implementing or operating security controls under NIST frameworks. • Experience using automated or semi-automated compliance tooling to assess and remediate STIG or CIS controls (e.g., SCAP, OpenSCAP, compliance-as-code, or equivalent). • Prior experience supporting federally regulated environments, including DOE, NRC, DoD, or similar regulatory bodies. • Active certification meeting DoD 8570 / DoD 8140 baseline requirements for Information Assurance / Cybersecurity roles, including one or more of the following: • CISSP • CISM • CASP+ • GSLC • Security+ • Must be considered a “U.S. Person” under 8 U.S.C. 1324b(a)(3).

🏖️ Benefícios

• flexible time off • equity • competitive pay • 401k • health insurance • FSA • flexible work hours