Anduril is a defense technology company, bringing Silicon Valley talent and funding to the defense sector. Our technology helps our customers solve their toughest challenges by enabling them to make better, more informed decisions in life-and-death situations. We’ve assembled a diverse team of experts in artificial intelligence, computer vision, sensor fusion, optics, and data analysis that are creating software and hardware solutions to radically evolve the capabilities of the United States and our allies. If you are passionate about solving problems that have real impact, come join Anduril and build the future of defense.
Anduril’s Cyber Compliance team is seeking a Information System Security Officer to join our team with a focus on supporting and leading accreditation efforts across the business. In doing so you will have the opportunity to work with and learn from some of the world’s best engineers and cybersecurity professionals as you help to implement cutting edge systems. You will work directly with customers and systems deployed across the globe in support of national security missions all while gaining invaluable experience navigating complex cybersecurity regulation frameworks.
Deploying complex tech solutions in a highly regulated field requires individuals with a deep understanding of cybersecurity and the ability to prove compliance with technical security controls. As such, thorough proficiency in cybersecurity and technical writing is required. You should feel comfortable working with engineers to write technical reports and plans. As part of a small but growing team you will be expected to wholly own problem sets, take non-standard approaches to solve hard problems and be comfortable with uncertainty. Everyday you will see the impact of your efforts while being given the flexibility to explore and contribute to projects that interest you.
The ideal candidate will know how modern software is built and deployed while understanding the complex compliance requirements levied on those wishing to do so in and on federal government networks.
WHAT YOU’LL DO
- Serve as an Information System Security Officer (ISSO).
- Create and maintain Authorization and Accreditation (A&A) packages to include: System Security Plans (SSPs), Authorization Boundary Diagrams, Test Plans, Security Control Technical Matrices (SCTM), Test Reports, Control Implementation Details and more.
- Technical writing to produce system documentation.
- Produce, update, maintain and enforcing information systems security policies, standards, and methodologies.
- Responsible for tracking/updating plan of objectives and milestones (POA&Ms), configuring systems to meet Federal Accreditation requirements, reviewing scan results, working with system owners, information security personnel and managers to mitigate vulnerabilities.
- Experience with US Government technical accreditation processes such as RMF or FedRamp specifically.
- Must be familiar and comfortable with administration of Linux and Windows-based systems and fundamentals of networking.
- Knowledge of current cybersecurity software tools used for endpoint protection, vulnerability scanning, SIEM and cloud security.
- The ability to elicit input from engineers and document feedback in the form of technical security reports.
- Demonstrate knowledge of exploits, attacks, and tools used by skilled hackers.
- Must be able to obtain and hold a U.S. security clearance at the TS/SCI level.
- U.S. Person status is required as this position needs to access export controlled data.
- Prefer a DoD secret clearance or willingness to obtain one.
- Prefer experience or knowledge of modern software development processes and their security (CI/CD pipelines, microservices architectures, cloud and container based deployments).
- Security+ or CISSP (for DoDD 8140 compliance)
- COMSEC account management experience
Anduril is an equal-opportunity employer, and we encourage candidates from all backgrounds to apply. If you are someone passionate to work on problems that matter, we’d love to hear from you!