Sr. Cyber Compliance Manager

See more jobs from SpaceX

almost 2 years old

This job is no longer active

SpaceX was founded under the belief that a future where humanity is out exploring the stars is fundamentally more exciting than one where we are not. Today SpaceX is actively developing the technologies to make this possible, with the ultimate goal of enabling human life on Mars.

SR. CYBER COMPLIANCE MANAGER

Compliance is more than doing what is forced upon us; it's about driving and delivering against our trust proposition, enabling teams across the company to meet the standards we set upon ourselves. It's about aggregating internal and external expectations and creating THE expectation. And then it's about enabling our teams to meet and exceed this bar in a highly efficient and effective manner. If the thought of a compliance program which is integrated with business operations and works to proactively defend and enable opportunity is motivating, then we should talk.  

This teammate will operate within the Information Assurance team and will be assisting with the maturation and implementation of our information compliance program in collaboration with the Information Assurance Lead and taking on additional leadership roles as needed. This position will also involve hands-on execution of the compliance program, assessment and audit execution, the development of control application efficiencies ad recommendations, and mentoring fellow Information Assurance team members. The ideal candidate will be driven to create efficiencies that are firm when it matters but also flexible enough to move the ball forward. They will excel at multi-tasking and flourish in an environment where learning never ceases, where the breadth of operations ranges from rockets to routing tables, and where teams are laser focused on mission accomplishment -- excitement guaranteed!  

RESPONSIBILITIES: 

  • Mature and maintain a comprehensive Security and IT Compliance program
  • Manage identification and tracking of audits, assessments and their impacted programs and business objectives; identified gaps, corrective action plans/plans of action & milestones, and provide reporting to leadership
  • Develop and maintain a cyber and IT control framework and controls catalog including unified and common control features
  • Design and implement a cyber and IT controls assessment and assurance process and tooling 
  • Develop and maintain of IT and security policies and standards
  • Work with other SpaceX teams to determine functional needs, implement efficient and sustainable solutions and communicate security policies
  • Mentor fellow teammates and take an active role in their development 
  • Collaborate with Assurance, Security, IT, and business leaders to create aligned program objectives and key results
  • Identify and propose business enabling actions by maintaining an up-to-date understanding of emerging trends in information security risks, and new compliance/assurance techniques and trends

BASIC QUALIFICATIONS: 

  • Bachelor’s degree in information systems, information security, computer science, engineering or STEM discipline and 7+ years of compliance and audit management experience; or 10+ years combined experience across program, compliance, and audit management
  • 5+ years’ experience implementing and maturing compliance management programs at scale, unified and common control frameworks, and audit preparation and sustainment efficiencies

PREFERRED SKILLS AND EXPERIENCE: 

  • CISSP, CISA, or equivalent certification/experience
  • Deep understanding of information security control and management frameworks: CMMC, ISO-27001, NIST 800-171/172, NIST 800-53, etc.; and applicable U.S. government acquisition regulations
  • GRC, SOX, PCI, CMMC and/or business resiliency experience
  • Strong communication skills across all organizational levels and ability to build cross organizational coalitions 
  • Direct experience with regulatory compliance reviews and examinations
  • Project and program management experience, tooling integration, and delivery in highly fluid environments
  • Ability to communicate technical and security-related concepts to a broad range of technical and non-technical staff, security vendors, consultants and senior management

ADDITIONAL REQUIREMENTS:

  • Willingness to work extended hours and weekends as needed

ITAR REQUIREMENTS:

  • To conform to U.S. Government space technology export regulations, including the International Traffic in Arms Regulations (ITAR) you must be a U.S. citizen, lawful permanent resident of the U.S., protected individual as defined by 8 U.S.C. 1324b(a)(3), or eligible to obtain the required authorizations from the U.S. Department of State. Learn more about the ITAR here  

SpaceX is an Equal Opportunity Employer; employment with SpaceX is governed on the basis of merit, competence and qualifications and will not be influenced in any manner by race, color, religion, gender, national origin/ethnicity, veteran status, disability status, age, sexual orientation, gender identity, marital status, mental or physical disability or any other legally protected status.

Applicants wishing to view a copy of SpaceX’s Affirmative Action Plan for veterans and individuals with disabilities, or applicants requiring reasonable accommodation to the application/interview process should notify the Human Resources Department at (310) 363-6000.