Senior Cloud Security Engineer

YOUR MISSION

As a Senior Cloud Security Engineer, you will play a critical role in ensuring the security and compliance of our cloud infrastructure with FedRAMP High, NIST controls, and future Department of Defense IL5+ requirements. You will leverage your expertise to enhance our security posture and support our mission of maintaining secure and sustainable operations in space.

RESPONSIBILITIES

• Design and implement secure cloud infrastructure solutions that meet regulatory and compliance requirements.
• Implement security strategies via automation to maximize control efficacy and user experience.
• Conduct security assessments and audits to ensure compliance with industry standards and best practices.
• Collaborate with cross-functional teams to provide security guidance and support.
• Stay current with emerging security threats, technologies, and regulations affecting cloud platforms and services.
• Provide expert guidance and lead response efforts for cloud security incidents.
• Operate vulnerability discovery tools for operating systems, containers, and software libraries.
• Build, deploy, and manage production security tools and services to monitor networks, endpoints, and cloud workloads.
• Design and operate scalable processes to provision cloud access and maintain least-privilege.
• Maintain a secure, reliable and low-touch infrastructure using technologies such as Terraform, Kubernetes, and immutable images.

QUALIFICATIONS

• 5+ years of experience in a cloud or infrastructure security role.
• Security experience with Docker/Kubernetes and how to secure those environments.
• Experience with any of the three major cloud providers (AWS, Azure, GCP).
• Experience with Terraform, Python, Bash or similar scripting language.
• Experience building secure CI/CD pipelines with either GitHub Actions, Jenkins, GitLab.
• Experience managing vulnerability management and scanning tools.
• Experience with public key infrastructure and management of secrets.
• Understanding of real-time threat detection, secrets management, security considerations within build, release, CI/CD and other similar tooling.

PREFERRED SKILLS AND EXPERIENCE

• Experience working in startups with hybrid cloud and on-prem environments.
• Background in implementing and managing security controls in accordance with FedRAMP, NIST 800-171 and other regulatory frameworks, with experience in securing classified environments and ensuring compliance with DoD standards.
• Certifications including CEH, Security+, OSCP.
• Eligibility to obtain and maintain an active U.S. Top Secret clearance.

COMPENSATION

• California Base Salary: $175,000-$245,000
• Colorado Base Salary: $155,000-$215,000
• Washington D.C. Base Salary: $160,000-$225,000
• Equity + Benefits including Health, Dental, Vision, HRA/HSA options, PTO and paid holidays, 401K, Parental Leave

Your actual level and base salary will be determined on a case-by-case basis and may vary based on the following considerations: job-related knowledge and skills, education and experience.

ADDITIONAL REQUIREMENTS

• Ability to maintain or obtain TS//SCI clearance
• Work Location: this role will be fully onsite at our GravityWorks factory in Centennial, CO
• Work environment is in a standard office, working at a desk or in a production factory.
• Physical demands may include frequent standing, sitting, walking, bending, and lifting or carrying items up to 20lbs.

This position will be open until it is successfully filled. To submit your application, please follow the directions below. [#LI-Hybrid]