Security and Compliance Engineer

Redondo Beach, California

Hybrid

Direct Hire

$140k - $170k

About Us:
We are an innovative, high-performance startup on a mission to shape the future of technology and engineering in a highly regulated industry. Operating at the intersection of cutting-edge systems and security frameworks, we are dedicated to ensuring our infrastructure meets the highest compliance and security standards. If you’re looking for a challenging, fast-paced environment where your expertise can have a real impact, this role could be the perfect fit for you.

Position Overview:
We are seeking a Security & Compliance Engineer to join our team. In this role, you will be responsible for designing, implementing, and maintaining security and compliance frameworks across our IT infrastructure. You’ll work closely with teams across the organization to ensure our systems align with regulatory standards and industry best practices, while maintaining a robust security posture.

Key Responsibilities:

  • Security Controls: Implement and maintain security measures across cloud, on-premises, and hybrid environments to safeguard systems, networks, and data.
  • Compliance Management: Ensure adherence to key regulations and standards such as NIST, CMMC, and ITAR.
  • Audits & Assessments: Conduct regular security audits, vulnerability assessments, and risk analyses, identifying gaps and driving remediation efforts.
  • Framework Development: Develop and enforce security policies, procedures, and standards in line with best practices (e.g., NIST SP 800-171).
  • Incident Response: Lead the identification, investigation, and resolution of security incidents to minimize impact and mitigate risks.
  • Collaboration: Partner with IT, Legal, and software teams to ensure security is embedded across all business processes and technology stacks.
  • Third-party Risk Management: Evaluate and manage the security risks posed by third-party vendors, ensuring their compliance with our security requirements.
  • Security Awareness: Conduct training and workshops to promote security best practices across the organization.
  • Documentation: Maintain clear and detailed documentation for security policies and compliance reporting, ensuring transparency and accountability.

Minimum Qualifications:

  • Bachelor’s degree in Information Security, Computer Science, or a related field (or equivalent experience).
  • 6+ years of experience in security and compliance, especially within cloud or hybrid IT environments.
  • Proficiency with regulatory frameworks such as NIST 800-171, CMMC, and ITAR.
  • Hands-on experience with security tools like SIEM, IDS/IPS, vulnerability scanners, and endpoint protection systems.
  • Experience with securing multi-site cloud platforms (AWS, Azure, GCP).
  • Strong understanding of networking protocols, firewalls, VPNs, and encryption technologies.
  • Experience with identity management, access control (IAM), and zero-trust architecture.
  • Excellent communication skills to explain complex security concepts to both technical and non-technical stakeholders.
  • Relevant certifications such as CISSP, CISM, CEH, CISA, or OSCP are highly preferred.

Preferred Experience:

  • 8+ years of experience in security and compliance.
  • Experience in industries with defense or aerospace compliance requirements.
  • Familiarity with government compliance programs like FedRAMP.
  • Hands-on experience with security automation and orchestration.
  • Strong knowledge of risk management methodologies and governance practices.

What We Offer:

  • Long-term incentives, including stock options.
  • Comprehensive benefits package, including medical, vision, and dental coverage.
  • 401(k) retirement plan with employer matching.

Posted by: Lauren Proctor
