ARCHIVED
This job listing has been archived and is no longer accepting applications.
MisuJob - AI Job Search Platform MisuJob
Login Sign Up

Infosec Engineering & GRC Manager

Slingshotaerospace

Remote, United States Remote permanent

Posted: December 12, 2025

Interested in this position?

Create a free account to apply with AI-powered matching

Register to Apply

Required Skills

Azure Microsoft 365 Services Entra ID CrowdStrike Falcon Zero-Trust

Job Description

Position Summary

Slingshot Aerospace is seeking a hands-on, technical engineer focused on Information Security & GRC Manager to protect the systems, cloud infrastructure, data, and intellectual property that power our mission to make space safer, smarter, and more connected. This role blends information security engineering, platform and systems ownership, cloud and identity architecture, and governance, risk, and compliance (GRC) while partnering closely with IT and Engineering on day-to-day operations. You will serve as the senior technical escalation point for Information Security and IT, own and operate core security platforms, strengthen Zero Trust and identity controls, lead incident response, drive automation, maintain continuous audit readiness, and lead Slingshot’s security awareness training program.

Information Security Engineering & IT Partnership

• Act as the senior escalation point for Information Security, GRC, and IT across identity, endpoint, network, cloud, and SaaS ecosystems.

• Partner with IT on joiner/mover/leaver (JML) lifecycle operations, secure configurations, patch management, device compliance, and SaaS administration.

• Lead engineering projects including security platform buildouts, integrations, migrations, and modernization efforts.

• Maintain runbooks, SOPs, hardening guides, operational baselines, and technical documentation aligned with CMMC 2.0, NIST 800-171, ISO 27001, SOC 2, and internal governance.

• Provide security architecture and design guidance to Engineering, Product, Data, and Operations teams.

• Deliver regular security metrics, risk posture reporting, and compliance status updates to leadership and customers.

Platform Ownership & Zero Trust Architecture

• Manage and secure Azure, Microsoft 365, Entra ID, Conditional Access, Intune, Defender, and Purview DLP/Insider Risk.

• Operate CrowdStrike Falcon (EDR, behavioral detections, OS hardening) and Zscaler ZIA/ZPA (secure web gateway, private access, posture checks, traffic inspection).

• Oversee VPN/firewall governance, secure remote access, and enterprise browser management platforms.

• Govern cloud posture using Wiz or similar CSPM/CNAPP tools across AWS and Azure.

• Use modern vulnerability and configuration management tools across cloud, endpoint, and SaaS environments.

• Manage identity & SaaS governance including Okta/Entra SSO, RBAC, and access reviews.

• Manage MDM platforms (Intune, Addigy ) for secure configuration and OS governance.

• Govern GitHub Enterprise security including SSO, permissions, branch protections, scanning, and CI/CD guardrails.

• Strengthen Zero Trust across identity, device, network, and cloud.

Security Operations & Automation

• Lead end-to-end incident response including detection, triage, containment, recovery, forensics, and corrective actions.

• Maintain and refine SIEM/SOAR or equivalent log analytics for high-fidelity alerts and correlation.

• Build automation using Python, PowerShell, or Go for evidence, monitoring, configuration validation, and remediation.

• Govern SaaS access, vendor permissions, app approvals, and shadow IT remediation.

• Support DNS security, certificate lifecycle management, segmentation, and secure remote connectivity.

• Improve disaster recovery (DR) and business continuity (BCP) through structured testing and validation.

Data Security & AI Governance

• Manage data classification, encryption, retention, access controls, and lifecycle protections across endpoints and cloud/SaaS.

• Operate Microsoft Purview DLP, information protection, and insider-risk features.

• Partner with Product, Engineering, Data, and Legal to ensure secure data handling.

• Support AI governance including model/vendor risk assessments, data sanitization, and secure AI usage patterns.

• Ensure secure adoption of emerging technologies (AI, automation, analytics).

Governance, Risk & Compliance (GRC)

You will own compliance across CMMC 2.0, NIST 800-171, ISO 27001 and other frameworks as needed : SOC 2, Cyber Essentials Plus, GDPR, and customer-required frameworks. Maintain SSPs, POA&Ms, diagrams, inventories, control mappings, risk assessments, policies, and audit evidence. Use Vanta and Paramify for continuous monitoring and evidence readiness. Maintain submissions and scoring in SPRS and eMASS. Lead vendor and third-party risk management including assessments and supply chain documentation. Partner with Sales, Growth, Legal, and Customer teams for RFIs, RFPs, questionnaires, and assurance activities.

Security Awareness & Training

• Own and administer the KnowBe4 program.

• Deliver role-based and companywide training and simulations.

• Track participation, behavior trends, and measurable risk reduction.

• Integrate security training into onboarding and recurring training cycles.

Basic Qualifications

• CISSP certification.

• 8+ years of experience across Information Security, IT, and GRC.

• Hands-on experience operating and maturing CMMC 2.0 and NIST 800-171.

• Strong experience with Azure, M365, Entra ID, Intune, Defender, Purview, AWS, CrowdStrike, Zscaler, and Wiz or similar CSPM/CNAPP.

• Experience with GitHub Enterprise, SaaS security, enterprise browser management, and MDM (Intune/Addigy).

• Experience with Vanta/Paramify.

• Scripting/automation skills in Python, PowerShell, or Go.

• Strong communication skills across technical and non-technical stakeholders.

• U.S. citizenship and TS/SCI eligibility required.

Preferred Qualifications

• CMMC Certified Professional (CCP) or ability to obtain.

• Experience with ISO 27001, SOC 2, GDPR, and Cyber Essentials Plus.

• Experience with secure SDLC, CI/CD, and DevSecOps.

• Experience supporting U.K./E.U. sovereignty requirements.

• Experience in defense, aerospace, or other regulated environments.

Why Slingshot

Slingshot Aerospace builds technology used for mission-critical decisions in national security, defense, and space operations. As the Infosec Engineering & GRC Manager, you will shape the systems, controls, engineering practices, and compliance frameworks that protect Slingshot’s global mission.

Location, Clearance & Compensation

• Remote (United States)

• U.S. citizenship and TS/SCI eligibility required

• Salary Range: $120,000 – $190,000

US-based Candidates: we are currently only able to hire residents of the following U.S. states: AZ, CA, CO, DC, FL, GA, HI, IL, IN, KS, MD, MA, MI, MN, MO, MT, NV, NJ, NM, NY, NC, OR, RI, TN, TX, UT, VT, VA, WA, WV, and WI. We are unable to consider candidates residing in other U.S. states at this time.

Internationally-based Candidates: we are currently only able to hire residents of the following locations: United Kingdom. We are unable to consider candidates residing in other countries at this time.

Equity, Diversity & Inclusion are key to our success. We are an Equal Opportunity Employer and our employees are people with different strengths, experiences, and backgrounds, who share a passion for creating a safer, more connected world. Diversity not only includes race and gender identity, but also national origin, citizenship, sex, color, veteran status, disability, genetic information, or any other protected characteristic that is part of one’s identity. All of our employees’ points of view are key to our success, and we embrace individuality.

Why Apply Through MisuJob?

AI-Powered Job Matching: MisuJob uses advanced artificial intelligence to analyze your skills, experience, and career goals. Our matching algorithm compares your profile against thousands of job requirements to find positions where you have the highest chance of success. This saves you hours of manual job searching and ensures you only see relevant opportunities.

One-Click Applications: Once you create your profile, applying to jobs is effortless. Your resume and cover letter are automatically tailored to highlight the most relevant experience for each position. You can apply to multiple jobs in minutes, not hours.

Career Intelligence: Beyond job matching, MisuJob provides valuable career insights. See how your skills compare to market demands, identify skill gaps to address, and understand salary benchmarks for your experience level. Make data-driven decisions about your career path.

Frequently Asked Questions

How do I apply for this position?

Click the "Register to Apply" button above to create a free MisuJob account. Once registered, you can apply with one click and track your application status in your dashboard.

Is MisuJob free for job seekers?

Yes, MisuJob is completely free for job seekers. Create your profile, get matched with jobs, and apply without any cost. We help you find your dream job without any hidden fees.

How does AI matching work?

Our AI analyzes your resume, skills, and experience to understand your professional profile. It then compares this against job requirements using natural language processing to calculate a match percentage. Higher matches mean better fit for the role.

Can I apply to jobs in other countries?

Absolutely. MisuJob features jobs from companies worldwide, including remote positions. Filter by location or look for remote opportunities to find jobs that match your preferences.

Ready to Apply?

Join thousands of job seekers using MisuJob's AI to find and apply to their dream jobs automatically.

Create Free Account Sign In
← Browse all jobs
Register to Apply