Security & Compliance Lead

Cyrad Solutions

Posted today
Secret
Unspecified
Unspecified
(On-Site/Office)

Full-time
Technical Lead: Security & Federal Compliance

Remote / Hybrid | U.S. Citizenship Required
The Opportunity

We are seeking a senior technical lead to architect and manage the security posture for a high-growth aerospace technology firm. This role is designed for a rare "hybrid" professional: someone who possesses the deep regulatory knowledge required to navigate FedRAMP and CMMC frameworks, but who also retains the hands-on engineering skills to implement controls directly in cloud environments.

As the primary owner of our federal compliance programs, you will bridge the gap between rigorous government standards and agile engineering workflows. You will not simply be managing a checklist; you will be building the secure infrastructure that allows next-generation orbital and deep-space communication systems to operate.
Core Responsibilities

Authorization Leadership: Direct the end-to-end execution of CMMC Level 2 and FedRAMP High certifications, including architecture design, gap remediation, and managing relationships with third-party assessors (3PAOs).

Regulatory Architecture: Define and enforce boundaries for Controlled Unclassified Information (CUI). Maintain compliance with ITAR/EAR, DFARS (7012, 7019, 7020), and NIST 800-53/171 standards.

Hands-on Engineering: Actively harden cloud environments (primarily GCP and AWS GovCloud). You will implement IAM policies, encryption standards, and logging/monitoring solutions.

Security Automation: Build tooling and scripts (Terraform, Python, or Bash) to automate evidence collection and continuous monitoring, integrating compliance into existing CI/CD pipelines.

Documentation & Policy: Draft System Security Plans (SSPs) and technical implementation guides that provide clear, actionable direction for software and hardware engineering teams.
Your Technical Profile

7+ Years of Experience: A proven track record in high-stakes security roles where you have balanced compliance oversight with technical implementation.

Compliance Mastery: Exhaustive knowledge of NIST 800-53 Rev 5, FedRAMP, and the CMMC ecosystem.

Cloud Fluency: Professional-level experience securing Google Cloud Platform (GCP) or AWS, specifically utilizing Infrastructure-as-Code (Terraform) and native security tools.

Identity & Access: Deep experience with enterprise IAM platforms (e.g., Okta or Azure AD) and the implementation of Zero Trust principles.

Strategic Communication: The ability to translate complex regulatory requirements into technical tasks for engineers, while confidently representing the firm to government authorizing officials.
Why This Role is Different

Ownership: You are the primary stakeholder for security compliance, reporting to the Director of Security & IT.

Complexity: You are securing hardware and software that operates across land, sea, air, and space.

Impact: Your work directly enables the company to secure mission-critical contracts that are vital to national infrastructure and aerospace innovation.
Requirements

U.S. Citizenship is mandatory due to federal contract requirements.

Active Secret or Top Secret clearance is a significant plus.

Professional certifications (CISSP, CGRC, CISM) are preferred but secondary to demonstrated hands-on experience.


Clearance Level
Secret