Description

Reusable launch systems are the key to seamlessly connecting Earth and space. Security and compliance with applicable frameworks are foundational to these efforts.

As the Information Systems Security Manager in Stoke Space’s Information Technology department, you’ll be the person ensuring that our information security posture meets our rapidly growing needs and achieves our compliance obligations while facilitating a successful startup culture as we race towards our first launch of Nova.

We are a small and motivated team, and you will work across the entire Stoke organization and across product teams to support secure systems operations, develop SSPs, deploy security controls and ensure compliance with NIST frameworks (800-53, 800-171) facilitating compliance objectives such as ITAR data protection, FedRamp Moderate readiness, CMMC compliance, SOC1/SOC2 certifications.

You must be ready to stay focused, move fast, self-direct, and learn on the fly.

Qualifications

• Exceptional understanding of IT infrastructure, including networks, servers, storage, and cloud technologies
• Strong analytical and problem-solving skills to identify, address, and mitigate security risks and issues
• Bachelor’s degree in Computer Science, Information Technology Management or related field
• 5+ years of experience in information security field
• Ability to lead
• Ability to follow
• Excellent written and verbal communication

Preferred Qualifications

• Advanced certifications such as CISSP, CISM, or CEH
• Prior experience working in a startup environment, demonstrating adaptability, resourcefulness, and a hands-on approach to security management
• Experience in establishing and managing cybersecurity teams and implementing security best practices, frameworks, standards, and regulations

Responsibilities

• Develop, implement, and enforce comprehensive cyber security strategies, policies, standards, and processes
• Own all System Security Plans for Stoke environments
• Monitor and analyze security systems and alerts to identify suspicious activities and respond to potential threats
• Develop, document, and enhance incident response protocols
• Lead and oversee all aspects of incident response efforts, including investigation, containment, and remediation
• Conduct regular security audits and vulnerability assessments to identify and mitigate potential risks
• Ensure organizational compliance with relevant regulations, standards, and frameworks
• Provide support to end users by investigating and addressing security incidents, including phishing attempts, malicious files, and other threats
• Stay up-to-date on emerging cybersecurity trends, threats, vulnerabilities, and regulatory changes to strengthen proactive defenses
• Promote a culture of collaboration, empowerment, and teamwork within the organization and with external partners and customers
• Assist with hands-on system administration tasks, particularly those related to security configurations
• Perform additional duties as assigned to support organizational goals and objectives

Benefits

• Medical, dental, vision and basic life insurance
• 401(k) match
• Paid time off
• Flexible scheduling
• Equity

Compensation

Target Levels:

• Level 3 range: $127,200 - $190,800
• Level 4 range: $152,600 - $229,000

Our job posts are intentionally written to attract a wide variety of experience levels, and we make decisions about the right fit on a per-candidate basis.

Your actual level and base salary will be decided based on your specific experience and skill level.

To conform to U.S. Government space technology export regulations, including the International Traffic in Arms Regulations (ITAR), you must be a U.S. citizen, lawful permanent resident of the U.S., protected individual as defined by 8 U.S.C. 1324b(a)(3), or eligible to obtain the required authorizations from the U.S. Department of State.