Security and Compliance Lead

Stelle nicht auf LinkedIn

🕒 vor 2 Monaten

Jetzt Bewerben

Ähnliche Remote-Jobs finden

E-Mails für Remote-Jobs erhalten

📊 Überprüfen Sie Ihre Lebenslauf-Bewertung für diese Stelle

Verbessern Sie Ihre Chancen auf ein Vorstellungsgespräch, indem Sie Ihre Lebenslauf-Bewertung vor der Bewerbung überprüfen.

Lebenslauf hochladen

Aalyria

WebsiteLinkedInAlle Stellen

51 - 200 Mitarbeiter

📡 Telekommunikation

🏢 Unternehmen

☁️ SaaS

Telecommunications • Enterprise • SaaS

Aalyria ist ein Raum- und Kommunikationstechnologieunternehmen, das planetare Netzwerke erstellt, organisiert und verwaltet, indem es atmosphärische kohärente Freiraum-Laserkommunikation (Tightbeam) mit einer KI-gesteuerten Netzwerkorchestrierungssoftware-Plattform (Spacetime) kombiniert. Das Unternehmen ermöglicht Multi-Domain-, Multi-Orbit-Konnektivität über Land, See, Luft und Weltraum – unterstützt Satellitenkonstellationen, 5G/NTN-Architekturen und hybride Netzwerke – und arbeitet mit kommerziellen und staatlichen Partnern zusammen, um Hard- und Software für widerstandsfähige, hochkapazitative Kommunikation bereitzustellen.

Beschreibung

• Own CMMC L2 certification and FedRAMP High authorization efforts end-to-end, including gap analysis, remediation tracking, evidence collection, and assessment coordination. • Maintain compliance with DFARS cybersecurity clauses (7012, 7019, 7020), ITAR, EAR and other federal requirements; manage SPRS score and supplier requirements. • Develop and maintain System Security Plans, POA&Ms, policies, procedures, and supporting artifacts across all compliance frameworks. • Serve as primary point of contact for C3PAO/3PAO assessors, government customers, prime contractors, and agency authorizing officials. • Manage continuous monitoring activities including vulnerability scanning, access reviews, evidence collection, and monthly/annual reporting. • Monitor regulatory changes across CMMC, FedRAMP, NIST 800-171/800-53, DFARS, and ITAR; assess impact and drive necessary updates. • Implement security controls hands-on, including identity and access management, logging, encryption, and endpoint security. • Harden cloud infrastructure in GCP, AWS, implementing security configurations and access controls aligned with compliance requirements. • Build automation and tooling for evidence collection and compliance reporting; integrate security into CI/CD pipelines. • Define, document, and enforce CUI boundaries and enclave architecture. • Translate compliance requirements into actionable technical guidance for engineering teams. • Support customer security assessments, due diligence requests, and contract security requirements.

🎯 Anforderungen

• 7+ years of experience in security roles with demonstrated compliance and technical responsibilities. • Deep knowledge of federal compliance frameworks: NIST 800-171, NIST 800-53 Rev 5, CMMC 2.0, FedRAMP, and ITAR compliance and cybersecurity requirements. • Experience preparing for and supporting third-party assessments (C3PAO, 3PAO, FedRAMP JAB/Agency, or equivalent). • Hands-on technical skills: ability to write scripts, Terraform, and troubleshoot access issues. • Cloud security experience securing cloud environments (GCP preferred; AWS GovCloud). • Experience with enterprise IAM platforms (Okta, Azure AD, or similar). • Excellent documentation skills with ability to write policies that satisfy auditors and implementation guides that engineers can use. • Strong communication skills with comfort presenting to auditors, executives, government customers, and authorizing officials. • Combined experience in both compliance/GRC and hands-on technical security implementation. • Ability to interpret NIST 800-53 controls and implement them in cloud environments. • Working knowledge of CMMC, FedRAMP, and DFARS frameworks, including overlapping control requirements. • Demonstrated ability to operate effectively in fast-paced environments with competing priorities. • Experience building or significantly maturing a compliance program. • U.S. Citizenship required.

🏖️ Vorteile

• Innovative Environment: Work at a cutting-edge company shaping the future of aerospace communications. • Impactful Work: Directly contribute to critical national security programs and initiatives. • Growth Opportunities: Expand your career with opportunities for professional development and advancement. • Inclusive Culture: Be part of a collaborative, supportive, and inclusive workplace where your contributions matter. • Flexibility: Flexible working arrangements including hybrid remote/in-office schedules. • Competitive salary, comprehensive benefits (401(k), dental, vision, health, life insurance), paid time off, and equity options.