Information Systems Security Engineer

Please review the job details below.

Maxar Space is seeking an Information Systems Security Engineer (ISSE) to join our team in Palo Alto, CA. This position may also be performed remotely within the United States. In this role, you will act as an ISSE supporting multiple programs and internal teams. The ISSE is responsible for system security design, requirements development, control implementation, assessment, and compliance support. You will have the opportunity and responsibility to drive technical excellence while ensuring our successful space missions through effective security design and balancing cost and schedule following program requirements.

Responsibilities:

Perform end-to-end space and ground system security assessments, control implementation, development of mitigation plans, support the concept of operations, system architecture and design, integration and test environments, and continuous monitoring.

• Develop system security implementation plans and means of meeting security reporting requirements.

• Develop policies, procedures, and standards in alignment with NIST standards and industry best practices.

• Assure/enable compliance with industry security requirements (e.g., NIST 800-53/800-171/CMMC) as required by contract.
• Perform system-level risk-based security assessment, identify appropriate control and mitigation strategies, and derive and allocate security requirements to the system hardware and software elements.
• Actively participate in design reviews, technical interchange meetings, and working groups to ensure compliance with security and control requirements.
• Support trade studies as required to meet system security requirements.
• Develop security test plans to verify security requirements and validate security control implementation.
• Support the Authorization to Operate (ATO) process by generating necessary reporting and accreditation documents, such as Plans of Action and Milestones (POA&Ms).
• Lead/Facilitate internal and Customer Security Reviews to present security requirements, system assessment, control implementation, and mitigation methods.
• Actively collaborate with customers and contractors to ensure successful system ATO accreditation.
• Ability to validate system hardening based on current DISA STIGs and/or CIS Level 2 benchmarks.
• Lead and participate in vulnerability tracking, remediation, and closure.

Minimum Requirements:

• Must be a U.S. citizen with the willingness and ability to obtain a clearance.
• Bachelor’s degree in computer science, information systems, engineering, business, or related scientific or technical discipline. Four years of additional experience may be substituted for a degree.
• 5 years experience in information systems, cyber security, space systems, or related security disciplines.
• Experience developing and implementing security controls for commercial, international, and/or U.S. government programs.
• Experience working with the National Institute of Standards and Technology (NIST) cybersecurity standards (NIST 800-171, NIST 800-53), including the Cybersecurity Maturity Model Certification (CMMC).
• Strong understanding and proven history of performing risk management activities as outlined in the NIST 800-30 and NIST 800-37

Preferred Qualifications:

• Experience designing and implementing security controls in cloud service providers (AWS, Azure).
• Working knowledge of industry-standard Cloud Security Posture Management (CPSM) tools.
• Relevant Cloud Certifications (e.g. CCSP, AWS Cloud Practitioner, AWS Security, Azure Security Engineer Associate).
• Experience architecting, building, and deploying cloud assets for AWS and Azure.
• DOD 8570 IAT or IAM Level 3 compliant professional certification (i.e., CISSP or Associate, CASP CE, CCNP Security, CISA, GCED, GCIH, CISM, or GSLC).
• Experience with security assessment and authorization activities required for Federal systems (e.g., RMF, CMMC, ICD-503, DIACAP) and security development.
• Proficiency in using cyber-related tools (such as Nessus, NMAP, or Splunk), network scanning, vulnerability scanning, and other penetration testing tools.
• Significant experience with NIST risk analysis processes and mitigation methods.

In support of pay transparency at Maxar, we disclose salary ranges on all U.S. job postings.  The successful candidate’s starting pay will fall within the salary range provided below and is determined based on job-related factors, including, but not limited to, the experience, qualifications, knowledge, skills, geographic work location, and market conditions. Candidates with the minimum necessary experience, qualifications, knowledge, and skillsets for the position should not expect to receive the upper end of the pay range.

● The base pay for this position within California is: $113,000.00 - $189,000.00 annually.

For all other states, we use geographic cost of labor as an input to develop market-driven ranges for our roles, and as such, each location where we hire may have a different range.

We offer a comprehensive package of benefits including paid time off, health and welfare insurance, and 401(k) to eligible employees. You can find more information on our benefits at: https://www.maxar.com/careers/benefits

Additionally, this position is incentive eligible with a target based on contribution, company performance, and/or individual results achieved; the specific incentive plan and target amount will be determined based on the role and breadth of contributions.

The application window is three days from the date the job is posted and will remain posted until a qualified candidate has been identified for hire.  If the job is reposted regardless of reason, it will remain posted three days from the date the job is reposted and will remain reposted until a qualified candidate has been identified for hire. 

The date of posting can be found on Maxar’s Career page at the top of each job posting.

To apply, submit your application via Maxar’s Career page.

Maxar Technologies values diversity in the workplace and is an equal opportunity/affirmative action employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected veteran status, age, or any other characteristic protected by law.