Stell helps engineers at hardware companies in heavily regulated industries (Space, Aviation, Medical Devices) document and track technical contract compliance. Stell’s key innovations are (1) a user interface for building text-rich documentation while enabling the complex linking needed to describe hardware systems, and (2) secure collaboration on technical contracts, replacing email and PDFs for our customers and their customers.
Role Description
This is a full-time role for a Compliance and Cybersecurity Manager. The Compliance and Cybersecurity Manager will be responsible for ensuring that Stell complies with industry regulations related to cybersecurity. This manager will work with the entire Stell team, as well as external partners, to identify and mitigate security risks to our software platform. This is a hybrid role based out of either Los Angeles or San Francisco.
Responsibilities
Lead the company's efforts to achieve and maintain the highest standards of cybersecurity compliance and readiness, aligning with industry best practices and preparing for future regulatory requirements.
Manage relationships with third-party partners and vendors to ensure their services meet our security and compliance standards.
Act as the certifying compliance officer, potentially growing into a CISO role, ensuring all security practices align with our compliance goals.
Develop and maintain the System Security Plan (SSP) and Plan of Actions and Milestones (POAM), adjusting as necessary for evolving compliance requirements such as FedRAMP and CMMC.
Maintain expert knowledge of compliance standards including SOC2, NIST 800-171, NIST 800-53, ISO 27001, and OWASP.
Utilize tools and technologies such as Terraform, AWS, and GitHub Actions for security automation and compliance monitoring. Knowledge of Java and HTML/CSS/JS programming languages is a plus.
Implement and maintain security best practices across all technology stacks and platforms.
Build long-term roadmaps and execute day-to-day tasks - after all, it’s a start-up!
Manage and work closely with vendors for events like audits.
Qualifications
Have proven experience in cybersecurity, particularly in a SaaS or cloud environment, with a strong background in compliance efforts for SOC2, NIST 800-171, and ideally NIST 800-53.
Have excellent organizational, communication, and leadership skills:
You are energized by forging Stell’s growth path amidst uncertainty and rapidly changing business needs
You are comfortable communicating Stell’s cybersecurity infrastructure to customers and partners
Have a strong technical background in Terraform, AWS, GitHub Actions, and programming languages such as Java or HTML/CSS/JS.
Have experience managing third-party vendors and partners.
Nice to Haves
Previous experience in aerospace or government sectors.
Professional certifications such as CISSP, CISM, AWS security certifications, Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), or Certified Information Systems Auditor (CISA).
What Stell Offers
Flexibility and autonomy at work in a hybrid work environment - we have offices in SF or LA and are in-office 3 days a week
Mission to support the aerospace and US manufacturing ecosystem - Stell exists to serve hardware engineers developing and building some of the most important tech of our time (rockets, satellites, drones!)
Sizable equity - you become an owner of this company
Competitive salary
Healthcare, vision, dental
Relocation stipend available
We value diversity at Stell, and encourage everyone to apply.
Employment type
Full-time