Compliance and Cybersecurity Manager

Stell Engineering, Inc

🌊 San Francisco or Los Angeles, CA based

🤝 Early stage start-up - seed-stage venture (backed by Long Journey, Third Prime VC)

🇺🇸 Must be US citizen or green card holder (due to ITAR restrictions)

🚀 Team of aerospace veterans with software for hardware expertise: Raytheon, Airbus, Anduril, Hadrian, Palantir, SpaceX, Mission Control

📅 We are hiring for this position to start ASAP

About Stell

Stell helps engineers at hardware companies in heavily-regulated industries (Space, Aviation, Medical Devices) do documentation and tracking of technical contract compliance.

Stell’s key innovations are (1) a user-interface for building text-rich documentation while enabling the complex linking needed to describe hardware systems, and (2) secure collaboration on technical contracts, replacing email and PDFs for our customers and their customers.

Stell’s simple yet powerful interface makes collaboration across internal teams and external partners (like suppliers) fast - so you can supercharge your engineering projects ⚡

<aside> 💡 https://www.stell-engineering.com/

</aside>

In this Compliance and Cybersecurity Manager role you will:

Lead the company's efforts to achieve and maintain the highest standards of cybersecurity compliance and readiness, aligning with industry best practices and preparing for future regulatory requirements.
Manage relationships with third-party partners and vendors to ensure their services meet our security and compliance standards.
Act as the certifying compliance officer, potentially growing into a CISO role, ensuring all security practices align with our compliance goals.
Develop and maintain the System Security Plan (SSP) and Plan of Actions and Milestones (POAM), adjusting as necessary for evolving compliance requirements such as FedRAMP and CMMC.
Maintain expert knowledge of compliance standards including SOC2, NIST 800-171, NIST 800-53, ISO 27001, and OWASP.
Utilize tools and technologies such as Terraform, AWS, and GitHub Actions for security automation and compliance monitoring. Knowledge of Java and HTML/CSS/JS programming languages a plus.
Implement and maintain security best practices across all technology stacks and platforms.
Build long-term roadmaps and execute day-to-day tasks - after all, it’s a start-up!