SpaceX was founded under the belief that a future where humanity is out exploring the stars is fundamentally more exciting than one where we are not. Today SpaceX is actively developing the technologies to make this possible, with the ultimate goal of enabling human life on Mars.

CYBER ASSURANCE LEAD

Are you dedicated to safeguarding the integrity of our company's supply chain against cyber threats? Join our team as a Cyber Assurance Lead, specializing in Supply Chain Cybersecurity. In this role, you'll be instrumental in ensuring the security of our organization's suppliers. Your expertise will be pivotal in identifying vulnerabilities, leading efforts to mitigate associated risks, and reinforcing our supply chain against potential cyber-attacks. If you're driven by securing company data, empowering our mission, and excelling in a collaborative environment, we'd love to hear from you.

Your role will entail execution of our supplier cyber risk management program. As a valued Information Assurance team member, you'll lead third-party/supplier security control and risk assessments, while also supporting our continuous monitoring program. Collaborating closely with our Supply Chain and partner teams, you'll contribute to the development and implementation of our assurance program. The ideal candidate is passionate about forging strong partnerships with Supply Chain teams and suppliers, possesses a keen interest in becoming a cybersecurity expert, demonstrates a solid understanding of our supply chain processes, and is committed to enhancing the protection of our technical data and the security of our suppliers.

RESPONSIBILITIES:

  • Lead, plan, prepare for, schedule, and coordinate security assessments and audits and identify where security controls deviate from acceptable configurations, policy or standards. Drive necessary corrective actions with suppliers or internal partners with urgency and efficiency.
  • Gain a comprehensive understanding of our key suppliers, identify the types of data they maintain, and determine the most effective processes for driving corrective actions.
  • Act as one of the key Assurance points of contacts for supply chain cybersecurity activities to assist suppliers with mitigating risk to SpaceX data.
  • Continuously monitor changes in supplier risk profiles and support cross-functional investigations to address both immediate and root causes, aiming to reduce risk and enhance the security of company data.
  • Support supplier incident investigations, including identifying data loss, and work with Reliability Engineers or Buyers to assess potential impact. Coordinate root cause analysis and ensure a clear implementation plan for corrective actions is established.
  • Communicate assessment results, track corrective action plans to ensure progress, and escalate issues when progress stalls or is blocked.
  • Develop and promote cybersecurity and information security awareness and training for internal teams and suppliers.
  • Develop, maintain, monitor, and improve appropriate internal controls and policies to protect SpaceX systems and data.
  • Contribute and enhance to continuous improvement of information assurance processes and systems.
  • Stay informed on regulatory changes, compliance guidelines, assessment methods, and emerging tactics; assist with updates to controls, policies, and procedures accordingly.

BASIC QUALIFICATIONS:

  • High school diploma or equivalency certificate.
  • 5+ years of experience (can be concurrent) in utilizing security relevant tools, systems, and applications in support of cyber/ information security or third-party/supplier risk management, vulnerability management, or continuous monitoring, e.g.: NESSUS, Tenable.io, Qualys, DISA STIGs, SCAP, or other vulnerability or vendor risk rating type tools.
  • 5+ years of experience (can be concurrent) with control testing, security standards/policy implementation, security audits, or security risk management.

PREFERRED SKILLS AND EXPERIENCE:

  • Proven experience working with internal or external organizations to prepare for, conduct, and manage audits efficiently and effectively.
  • Experience working within stakeholders within the supply chain or manufacturing space.
  • Ability to manage and prioritize multiple concurrent requests while setting realistic expectations with stakeholders.
  • Strong understanding of security program and control frameworks, assessment methodologies, and practices e.g. NIST RMF, NIST CSF, ISO-27001, 800-53(a), 800-171(a), CMMC, CNSSI 1253, 800-137, PCI-DSS, GDPR, etc.
  • Strong understanding of data controls and compliance regimens including CUI, ITAR/ EAR, PCI, PII, etc.
  • Technical project and/or operations management skills.
  • Experience balancing compliance requirements and data collection with the operational priorities of others, maintaining progress and strong relationships to ensure objectives are met.
  • Using lessons learned to improve processes.
  • CISSP, CIPT, CISM, CISA, GNSA or equivalent certification.

ADDITIONAL REQUIREMENTS:

  • This role requires you to be onsite. Hybrid or remote work will not be considered.
  • Willingness to work extended hours and weekends as needed.

COMPENSATION AND BENEFITS:                             

Pay Range:         

Cyber Assurance Manager: $130,000.00 - $180,000.00/per year  

Your actual level and base salary will be determined on a case-by-case basis and may vary based on the following considerations: job-related knowledge and skills, education, and experience.

Base salary is just one part of your total rewards package at SpaceX. You may also be eligible for long-term incentives, in the form of company stock, stock options, or long-term cash awards, as well as potential discretionary bonuses and the ability to purchase additional stock at a discount through an Employee Stock Purchase Plan. You will also receive access to comprehensive medical, vision, and dental coverage, access to a 401(k) retirement plan, short and long-term disability insurance, life insurance, paid parental leave, and various other discounts and perks. You may also accrue 3 weeks of paid vacation and will be eligible for 10 or more paid holidays per year. Exempt employees are eligible for 5 days of sick leave per year.         

ITAR REQUIREMENTS:

  • To conform to U.S. Government export regulations, applicant must be a (i) U.S. citizen or national, (ii) U.S. lawful, permanent resident (aka green card holder), (iii) Refugee under 8 U.S.C. § 1157, or (iv) Asylee under 8 U.S.C. § 1158, or be eligible to obtain the required authorizations from the U.S. Department of State. Learn more about the ITAR here.  

SpaceX is an Equal Opportunity Employer; employment with SpaceX is governed on the basis of merit, competence and qualifications and will not be influenced in any manner by race, color, religion, gender, national origin/ethnicity, veteran status, disability status, age, sexual orientation, gender identity, marital status, mental or physical disability or any other legally protected status.

Applicants wishing to view a copy of SpaceX’s Affirmative Action Plan for veterans and individuals with disabilities, or applicants requiring reasonable accommodation to the application/interview process should notify the Human Resources Department at (310) 363-6000.

Apply for this Job

* Required
resume chosen  
(File types: pdf, doc, docx, txt, rtf)
When autocomplete results are available use up and down arrows to review

Select a School
Select a Degree
Select a Discipline
+ Add another education


Voluntary Self-Identification

For government reporting purposes, we ask candidates to respond to the below self-identification survey. Completion of the form is entirely voluntary. Whatever your decision, it will not be considered in the hiring process or thereafter. Any information that you do provide will be recorded and maintained in a confidential file.

As set forth in SpaceX’s Equal Employment Opportunity policy, we do not discriminate on the basis of any protected group status under any applicable law.

Race & Ethnicity Definitions

If you believe you belong to any of the categories of protected veterans listed below, please indicate by making the appropriate selection. As a government contractor subject to the Vietnam Era Veterans Readjustment Assistance Act (VEVRAA), we request this information in order to measure the effectiveness of the outreach and positive recruitment efforts we undertake pursuant to VEVRAA. Classification of protected categories is as follows:

A "disabled veteran" is one of the following: a veteran of the U.S. military, ground, naval or air service who is entitled to compensation (or who but for the receipt of military retired pay would be entitled to compensation) under laws administered by the Secretary of Veterans Affairs; or a person who was discharged or released from active duty because of a service-connected disability.

A "recently separated veteran" means any veteran during the three-year period beginning on the date of such veteran's discharge or release from active duty in the U.S. military, ground, naval, or air service.

An "active duty wartime or campaign badge veteran" means a veteran who served on active duty in the U.S. military, ground, naval or air service during a war, or in a campaign or expedition for which a campaign badge has been authorized under the laws administered by the Department of Defense.

An "Armed forces service medal veteran" means a veteran who, while serving on active duty in the U.S. military, ground, naval or air service, participated in a United States military operation for which an Armed Forces service medal was awarded pursuant to Executive Order 12985.


Voluntary Self-Identification of Disability

Form CC-305
Page 1 of 1
OMB Control Number 1250-0005
Expires 04/30/2026

Why are you being asked to complete this form?

We are a federal contractor or subcontractor. The law requires us to provide equal employment opportunity to qualified people with disabilities. We have a goal of having at least 7% of our workers as people with disabilities. The law says we must measure our progress towards this goal. To do this, we must ask applicants and employees if they have a disability or have ever had one. People can become disabled, so we need to ask this question at least every five years.

Completing this form is voluntary, and we hope that you will choose to do so. Your answer is confidential. No one who makes hiring decisions will see it. Your decision to complete the form and your answer will not harm you in any way. If you want to learn more about the law or this form, visit the U.S. Department of Labor’s Office of Federal Contract Compliance Programs (OFCCP) website at www.dol.gov/ofccp.

How do you know if you have a disability?

A disability is a condition that substantially limits one or more of your “major life activities.” If you have or have ever had such a condition, you are a person with a disability. Disabilities include, but are not limited to:

  • Alcohol or other substance use disorder (not currently using drugs illegally)
  • Autoimmune disorder, for example, lupus, fibromyalgia, rheumatoid arthritis, HIV/AIDS
  • Blind or low vision
  • Cancer (past or present)
  • Cardiovascular or heart disease
  • Celiac disease
  • Cerebral palsy
  • Deaf or serious difficulty hearing
  • Diabetes
  • Disfigurement, for example, disfigurement caused by burns, wounds, accidents, or congenital disorders
  • Epilepsy or other seizure disorder
  • Gastrointestinal disorders, for example, Crohn's Disease, irritable bowel syndrome
  • Intellectual or developmental disability
  • Mental health conditions, for example, depression, bipolar disorder, anxiety disorder, schizophrenia, PTSD
  • Missing limbs or partially missing limbs
  • Mobility impairment, benefiting from the use of a wheelchair, scooter, walker, leg brace(s) and/or other supports
  • Nervous system condition, for example, migraine headaches, Parkinson’s disease, multiple sclerosis (MS)
  • Neurodivergence, for example, attention-deficit/hyperactivity disorder (ADHD), autism spectrum disorder, dyslexia, dyspraxia, other learning disabilities
  • Partial or complete paralysis (any cause)
  • Pulmonary or respiratory conditions, for example, tuberculosis, asthma, emphysema
  • Short stature (dwarfism)
  • Traumatic brain injury

PUBLIC BURDEN STATEMENT: According to the Paperwork Reduction Act of 1995 no persons are required to respond to a collection of information unless such collection displays a valid OMB control number. This survey should take about 5 minutes to complete.


Enter the verification code sent to to confirm you are not a robot, then submit your application.

This application was flagged as potential bot traffic. To resubmit your application, turn off any VPNs, clear the browser's cache and cookies, or try another browser. If you still can't submit it, contact our support team through the help center.