Cybersecurity Lead -IT

We’re on a mission to make the skies safe and accessible for everyone. Our technology gives pilots greater control by simplifying the management of any aircraft during standard flight operations, inclement weather, and emergencies. Our SkyOS solution, rigorously and relentlessly developed by skilled and dedicated Skyrysers, is the key to unlocking this unbounded future. Our technology, combined with our commitment to saving lives and our passion for aviation, will empower everyone to experience the joy and freedom of flight.

CYBERSECURITY LEAD IT - EL SEGUNDO, CA  
The Cybersecurity Lead -IT is the primary responsible party for the organization’s cybersecurity program and reports directly to the Head of IT. This role provides strategic leadership, governance, and operational oversight to ensure the confidentiality, integrity, and availability of organizational data and aviation-related information systems in alignment with FAA expectations and other applicable government and defense regulations. The individual will drive cybersecurity framework alignment, certification readiness, and audit management for but not limited to, CIS Top 18, NIST 800-171, NIST 800-53, SOC 2 Type 1/2, ISO/IEC 27001, DFARS, CMMC, and FedRAMP, while authoring and enforcing cybersecurity policies and procedures across a collaborative IT organization supported by system, cloud, network, and associate administrators.
This is a full-time onsite opportunity based out of El Segundo, CA. 

RESPONSIBILITIES:

Cybersecurity Program Leadership & Governance

• Collaborate with the Head of IT and serve as the primary responsible owner of the
  organization’s cybersecurity program, strategy, and roadmap.
• Ensure alignment with industry best practices and regulatory requirements under FAA
  oversight and related federal guidance.
• Collaborate with the Head of IT to author, review, revise, and enforce
  cybersecurity-related policies, standards, and procedures.
• Lead efforts to mature and scale cybersecurity capabilities, resources, and best
  practices for current and future IT team members.

Framework Alignment & Certification Readiness

• Drive organizational preparedness for assessments and certifications including:
  ○ CIS Top 18 Controls
  ○ NIST 800-171 & NIST 800-53
  ○ SOC 2 Type 1 and Type 2
  ○ ISO/IEC 27001
  ○ DFARS
  ○ CMMC
  ○ FedRAMP (as applicable to cloud systems and services)
• Develop evidence packages, system security plans (SSPs), Plan of Action and
  Milestones (POA&Ms), and gap remediation plans for each framework.
• Establish metrics to demonstrate control effectiveness and certification progress.

Audit & Access Control Oversight

• Plan, lead, participate, and oversee quarterly and annual access control reviews & audits
  of all software systems.
  Produce formal findings reports of access control audits.
• Lead monthly security reporting meetings and present incident trends, risk posture, and
  remediation updates.
• Lead all third-party audits, jointly with the Head of IT and act as the control
  subject-matter expert

MINIMUM QUALIFICATIONS:

• Bachelor’s degree in Information Technology, Cybersecurity, Computer Science, or
  related field (or equivalent experience).
• 5+ years of hands-on cybersecurity experience in a regulatory-compliant industry
  (aviation, aerospace, defense, healthcare, transportation, or critical infrastructure).
• Demonstrated experience preparing organizations for:
  ○ CIS Top 18
  ○ NIST 800-171 / 800-53
  ○ SOC 2 Type 1/2
  ○ ISO/IEC 27001
  ○ DFARS
  ○ CMMC
  ○ FedRAMP
• Strong knowledge of incident response lifecycle and forensic investigation.
• Experience administering cybersecurity tools (EDR, SEG, DLP, FW, VPN,
  SIEM/monitoring).
• Experience leading access control audits and third-party assessments.
• Excellent technical writing skills for policies, procedures, SSPs, and audit artifacts.
• Ability to communicate risks to executive, FAA, and government stakeholders.

PREFERRED QUALIFICATIONS:

• Professional certifications such as CISSP, CISM, CEH, GSEC, ISO 27001 Lead Implementer/Auditor, or FedRAMP-related certifications.
• Experience with FAA, TSA Security Directives, or federal cloud compliance programs.
• Dev Ops and/or cloud security experience (AWS/Azure/GCP) in FedRAMP-aligned or regulated environments.
• Knowledge of networking, virtualization, and enterprise system administration.
• Experienced with 3rd party independent auditors and/or 3rd party regulatory auditors for in pursuit of cybersecurity framework certification/readiness.

WHY SKYRYSE?

• The opportunity to change the world through improving aviation safety and accessibility 
• Salary: $120,000 - $150,000
• Valuable stock option plan
• Heavily subsidized medical, dental and vision plans
• Full-time employees are eligible for 20 days of paid time off (PTO) and 5 sick days annually.  PTO and sick days must be used in accordance with Company policy.
• A company with an ambitious vision, a dynamic work environment, and a team of smart, motivated, and fun to work-with colleagues!

The posted salary range reflects the potential base pay for this role, adjusted to account for varying geographic markets. Final compensation will be based on factors such as your location, job-related skills, experience, and internal alignment, including equity and benefits.

WE WELCOME ALL
Skyryse is an equal opportunity employer. We value diversity. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

NO AGENCY CANDIDATES WILL BE CONSIDERED.