RESPONSIBILITIES:

📍Lead, plan, prepare for, schedule, and coordinate security assessments and audits and identify where security controls deviate from acceptable configurations, policy or standards. Drive necessary corrective actions with suppliers or internal partners with urgency and efficiency. 📍Gain a comprehensive understanding of our key suppliers, identify the types of data they maintain, and determine the most effective processes for driving corrective actions. 📍Act as one of the key Assurance points of contacts for supply chain cybersecurity activities to assist suppliers with mitigating risk to SpaceX data. 📍Continuously monitor changes in supplier risk profiles and support cross-functional investigations to address both immediate and root causes, aiming to reduce risk and enhance the security of company data. 📍Support supplier incident investigations, including identifying data loss, and work with Reliability Engineers or Buyers to assess potential impact. Coordinate root cause analysis and ensure a clear implementation plan for corrective actions is established. 📍Communicate assessment results, track corrective action plans to ensure progress, and escalate issues when progress stalls or is blocked. 📍Develop and promote cybersecurity and information security awareness and training for internal teams and suppliers. 📍Develop, maintain, monitor, and improve appropriate internal controls and policies to protect SpaceX systems and data. 📍Contribute and enhance to continuous improvement of information assurance processes and systems. 📍Stay informed on regulatory changes, compliance guidelines, assessment methods, and emerging tactics; assist with updates to controls, policies, and procedures accordingly.

BASIC QUALIFICATIONS:

📍High school diploma or equivalency certificate. 📍5+ years of experience (can be concurrent) in utilizing security relevant tools, systems, and applications in support of cyber/ information security or third-party/supplier risk management, vulnerability management, or continuous monitoring, e.g.: NESSUS, Tenable.io, Qualys, DISA STIGs, SCAP, or other vulnerability or vendor risk rating type tools. 📍5+ years of experience (can be concurrent) with control testing, security standards/policy implementation, security audits, or security risk management.

The crypto industry is evolving rapidly, offering new opportunities in blockchain, web3, and remote crypto roles — don’t miss your chance to be part of it.