Security and Compliance Lead

Emploi pas sur LinkedIn

🕒 il y a 2 mois

Postuler Maintenant

Trouver des Emplois à Distance Similaires

Recevoir des emails pour des emplois à distance

📊 Vérifiez votre score de CV pour ce poste

Améliorez vos chances d'obtenir un entretien en vérifiant votre score de CV avant de postuler.

Télécharger le CV

Aalyria

Site WebLinkedInTous les Emplois

51 - 200 employés

📡 Télécommunications

🏢 Entreprise

☁️ SaaS

Telecommunications • Enterprise • SaaS

Aalyria est une entreprise spécialisée dans les technologies de l'espace et des communications, qui crée, organise et gère des réseaux à l'échelle planétaire en combinant des communications laser atmosphériques cohérentes sans fil (Tightbeam) avec une plateforme logicielle d'orchestration de réseau alimentée par l'IA (Spacetime). L'entreprise permet une connectivité multi-domaines et multi-orbites à travers la terre, la mer, l'air et l'espace — soutenant des constellations de satellites, des architectures 5G/NTN et des réseaux hybrides — et travaille avec des partenaires commerciaux et gouvernementaux pour déployer des matériels et logiciels pour des communications résilientes et haute-capacité.

Description

• Own CMMC L2 certification and FedRAMP High authorization efforts end-to-end, including gap analysis, remediation tracking, evidence collection, and assessment coordination. • Maintain compliance with DFARS cybersecurity clauses (7012, 7019, 7020), ITAR, EAR and other federal requirements; manage SPRS score and supplier requirements. • Develop and maintain System Security Plans, POA&Ms, policies, procedures, and supporting artifacts across all compliance frameworks. • Serve as primary point of contact for C3PAO/3PAO assessors, government customers, prime contractors, and agency authorizing officials. • Manage continuous monitoring activities including vulnerability scanning, access reviews, evidence collection, and monthly/annual reporting. • Monitor regulatory changes across CMMC, FedRAMP, NIST 800-171/800-53, DFARS, and ITAR; assess impact and drive necessary updates. • Implement security controls hands-on, including identity and access management, logging, encryption, and endpoint security. • Harden cloud infrastructure in GCP, AWS, implementing security configurations and access controls aligned with compliance requirements. • Build automation and tooling for evidence collection and compliance reporting; integrate security into CI/CD pipelines. • Define, document, and enforce CUI boundaries and enclave architecture. • Translate compliance requirements into actionable technical guidance for engineering teams. • Support customer security assessments, due diligence requests, and contract security requirements.

🎯 Exigences

• 7+ years of experience in security roles with demonstrated compliance and technical responsibilities. • Deep knowledge of federal compliance frameworks: NIST 800-171, NIST 800-53 Rev 5, CMMC 2.0, FedRAMP, and ITAR compliance and cybersecurity requirements. • Experience preparing for and supporting third-party assessments (C3PAO, 3PAO, FedRAMP JAB/Agency, or equivalent). • Hands-on technical skills: ability to write scripts, Terraform, and troubleshoot access issues. • Cloud security experience securing cloud environments (GCP preferred; AWS GovCloud). • Experience with enterprise IAM platforms (Okta, Azure AD, or similar). • Excellent documentation skills with ability to write policies that satisfy auditors and implementation guides that engineers can use. • Strong communication skills with comfort presenting to auditors, executives, government customers, and authorizing officials. • Combined experience in both compliance/GRC and hands-on technical security implementation. • Ability to interpret NIST 800-53 controls and implement them in cloud environments. • Working knowledge of CMMC, FedRAMP, and DFARS frameworks, including overlapping control requirements. • Demonstrated ability to operate effectively in fast-paced environments with competing priorities. • Experience building or significantly maturing a compliance program. • U.S. Citizenship required.

🏖️ Avantages

• Innovative Environment: Work at a cutting-edge company shaping the future of aerospace communications. • Impactful Work: Directly contribute to critical national security programs and initiatives. • Growth Opportunities: Expand your career with opportunities for professional development and advancement. • Inclusive Culture: Be part of a collaborative, supportive, and inclusive workplace where your contributions matter. • Flexibility: Flexible working arrangements including hybrid remote/in-office schedules. • Competitive salary, comprehensive benefits (401(k), dental, vision, health, life insurance), paid time off, and equity options.