Director of IT Security

About Us: Merlin is an early-stage autonomy company, building software to control sophisticated transportation systems. Our mission here at Merlin Labs is to develop hardware and software solutions that deliver the capability for aircraft to fly useful missions autonomously and safely. Our first product will be a certified system to bring automation to existing fixed wing aircraft. 
We’re backed by some of the top institutional venture capitalists in the country, our headquarters are located in Boston with hubs in Denver, Los Angeles and the Mojave Desert. Come join our diverse, world class team, made up of people from places like Google, Airbus, Boeing, UTC, the US Navy, and the US Air Force.
The Merlin IT Security Director is someone capable of building and overseeing our organization’s overall cybersecurity. This person will supervise all aspects of IT security to include design, development, implementation, incident response, budgets, and adherence to various regulations. This person will also plan for and build the security side of the IT Security organization in partnership with the VP Business Operations and IT Director to meet Merlin’s growing needs. Lastly, this person has experience working with government compliance requirements, specifically CMMC.

Responsibilities:

• Creation and execution of security strategies that will increase the efficiency of IT systems and projects at Merlin
• Directing crisis management by investigating the cause of a breach and implementing the right solutions.
• Allocating the correct resources to ensure that staff are delivering secure solutions.
• Managing cybersecurity activities within the organization.
• Overseeing vulnerability audits, penetration tests and forensic IT investigations, ensuring that any outcomes are understood and applied.
• Liaising with other senior level directors, the ELT, and C3 to ensure that new systems align with the organization’s overall security policies and data protection strategies.
• Ensuring that staff security training and compliance efforts are up to date.
• Preparing budgetary allocations and financial forecasts relating to cybersecurity.
• Managing partners, stakeholders, vendors and third party solutions providers.

Qualifications:

• Bachelor’s or Master’s Degree in Computer Science/Information Technology or equivalent work experience
• Knowledge of process engineering, project management, ITIL, CoBIT
• Minimum 8 years of experience in the information security field with at least 5 years experience in a management capacity
• Strong security background (understanding risk assessment, legal and regulatory requirements, threats, vulnerabilities, security policies
• Minimum 3 years experience with DoD cyber security requirements (CMMC, DFARS, SPRS)

Merlin Labs offers an innovative, entrepreneurial, and team-focused startup environment. We also offer a top-notch benefits package (health, dental, life, unlimited vacation, and 401k with match) and work/life integration. Being part of the Merlin team allows you to become part of a small team that supports professional development while working together to achieve our mission.
Merlin Labs is an equal opportunity employer and values diversity. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status or disability status. All job offers are contingent upon the candidate passing background, export control and reference checks. 
Merlin Labs does not accept unsolicited resumes from any source other than directly from candidates.