Compliance and Cybersecurity Manager (LA or SF - hybrid) Job at CADRE in Los Ang

Compliance and Cybersecurity Manager
Stell Engineering, Inc

San Francisco or Los Angeles, CA (Marina Del Rey)

Early stage start-up - seed-stage venture (backed by Long Journey, Third Prime VC)

Must be US citizen or green card holder (due to ITAR restrictions)

Team of aerospace veterans with software for hardware expertise: Raytheon, Airbus, Anduril, Hadrian, Palantir, SpaceX, Mission Control

We are hiring for this position to start ASAP
About Stell

Stell helps engineers at hardware companies in heavily-regulated industries (Space, Aviation, Medical Devices) do documentation and tracking of technical contract compliance.

Stell's key innovations are (1) a user-interface for building text-rich documentation while enabling the complex linking needed to describe hardware systems, and (2) secure collaboration on technical contracts, replacing email and PDFs for our customers and their customers.

Stell's simple yet powerful interface makes collaboration across internal teams and external partners (like suppliers) fast - so you can supercharge your engineering projects

https://www.stell-engineering.com/

In this Compliance and Cybersecurity Manager role you will:

• Lead the company's efforts to achieve and maintain the highest standards of cybersecurity compliance and readiness, aligning with industry best practices and preparing for future regulatory requirements.
• Manage relationships with third-party partners and vendors to ensure their services meet our security and compliance standards.
• Act as the certifying compliance officer, potentially growing into a CISO role, ensuring all security practices align with our compliance goals.
• Develop and maintain the System Security Plan (SSP) and Plan of Actions and Milestones (POAM), adjusting as necessary for evolving compliance requirements such as FedRAMP and CMMC.
• Maintain expert knowledge of compliance standards including SOC2, NIST 800-171, NIST 800-53, ISO 27001, and OWASP.
• Utilize tools and technologies such as Terraform, AWS, and GitHub Actions for security automation and compliance monitoring. Knowledge of Java and HTML/CSS/JS programming languages a plus.
• Implement and maintain security best practices across all technology stacks and platforms.
• Build long-term roadmaps and execute day-to-day tasks - after all, it's a start-up!
• Manage and work closely with vendors for events like audits

This may be a good fit if you:

• Have a proven experience in cybersecurity, particularly in a SaaS or cloud environment, with a strong background in compliance efforts for SOC2, NIST 800-171, and ideally NIST 800-53.
• Have excellent organizational, communication, and leadership skills:
  • You are energized by forging Stell's growth path amidst uncertainty and rapidly changing business needs
  • You are comfortable communicating Stell's cybersecurity infrastructure to customers and partners
• Have a strong technical background in Terraform, AWS, GitHub Actions, and programming languages such as Java or HTML/CSS/JS.
• Have experience managing third-party vendors and partners.

Nice to haves:

• Previous experience in aerospace or government sectors.
• Professional certifications such as CISSP, CISM, AWS security certifications, Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), or Certified Information Systems Auditor (CISA).

What Stell brings to the table:

• Flexibility and autonomy at work in a hybrid work environment - we have offices in SF or LA and are in-office 3 days a week
• Mission to support the aerospace and US manufacturing ecosystem - Stell exists to serve hardware engineers developing and building some of the most important tech in our time (rockets, satellites, drones!)
• Sizable equity - you become an owner of this company
• Competitive salary
• Healthcare, vision, dental
• Relocation stipend available

Salary Range:

$150-$200k/year commensurate with experience