Senior Manager, Cyber Assurance

Anduril Industries-posted 1 day ago
Full-time • Senior
Costa Mesa, CA
1,001-5,000 employees
Resume
Match Score
Upload and Match ResumeTrack Jobs with Teal

The Cyber Assurance Team comprises ISSM, ISSO, and ISSE personnel who collectively ensure security compliance, authorization success, and security engineering throughout the system lifecycle. CAT members support proposal development, design reviews, system authorization, and continuous monitoring across all protection levels. We are looking for a Senior Manager, Cyber Assurance to provide strategic and operational leadership for the Cyber Assurance Team to ensure that all program systems achieve and maintain cybersecurity authorizations, comply with applicable security policies (JSIG, ICD 503, NIST 800‑53, DoD RMF), and deliver secure engineering throughout the system lifecycle. The Manager aligns CAT activities with proposal development, design reviews, system authorization, and continuous monitoring across all protection levels (PL‑2‑4).

  • Define the CAT vision, objectives, and performance metrics
  • Prioritize and allocate resources across ISSM, ISSO, and ISSE tasks to meet program milestones.
  • Direct the end‑to‑end RMF lifecycle (categorization, control selection, implementation, assessment, authorization, and continuous monitoring) for all classified systems.
  • Ensure System Security Plans (SSP), Security Assessment Reports (SAR), and POA&Ms are authored, reviewed, and updated in coordination with the ISSM.
  • Supervise, mentor, and evaluate ISSM, ISSO, and ISSE personnel; maintain certification currency and professional development.
  • Conduct regular CAT meetings, status briefings, and after‑action reviews.
  • Oversee the continuous monitoring program, integrating findings from Splunk, Tenable, and other security tools.
  • Manage GRC platforms (eMASS, Xacta) to track security artifacts, compliance evidence, and audit trails.
  • Serve as Responsible Officer (or designate an Alternate) for COMSEC operations, ensuring proper key generation, distribution, accounting, and crypto‑erase processes.
  • Lead risk‑assessment workshops to identify threats, vulnerabilities, and mitigation strategies specific to each protection level.
  • Direct incident‑response activities, coordinating with the ISSO, ISSE, and government incident‑response teams.
  • Provide executive briefings on authorization status, security posture, and risk‑based decisions.
  • Contribute security guidance and accreditation strategies during proposal development, preliminary design reviews (PDR), and critical design reviews (CDR).
  • Ensure security architecture documentation is incorporated into proposal deliverables.
  • Ensure zero critical POA&M items remain open beyond 90 days; drive timely closure of all findings.
  • Prepare for and support government security‑assessment visits, ensuring no findings that could suspend an ATO.
  • Drive and monitor vulnerability‑remediation timelines – Establish and enforce the CAT‑I (≤ 15 days), CAT‑II (≤ 30 days) and CAT‑III (≤ 90 days) remediation windows for all identified findings; implement a tracking dashboard, conduct weekly status reviews, and intervene when any ticket approaches its deadline 03 - (CUI) Stat... (OCR).pdf.
  • Guarantee STIG compliance across the environment – Direct the team to achieve and sustain DISA‑STIG compliance scores of ≥ 95 % on every managed system, using automated configuration‑validation tools (e.g., Puppet, SCAP) and periodic audit checkpoints
  • Ensure incident‑response SLAs are met – Define severity‑based response and resolution targets, supervise the incident‑response workflow, and verify that all security events are closed within the agreed‑upon SLA windows; report outliers to senior leadership and trigger corrective‑action plans.
  • Implement performance‑tracking and reporting – Develop key‑performance indicators (KPIs) for each of the above areas, produce weekly and monthly status briefs for the ISSO/ISSM and the USG Digital‑Infrastructure Working Group, and adjust resources or processes proactively to meet contractual obligations.
  • Bachelor’s degree in Computer Science, Information Security, or related field (Master’s preferred).
  • 8+ years of progressive cyber‑security leadership experience in DoD or classified environments.
  • Certifications AM/IAT Level III (CISSP, CASP+, CISM, or equivalent).
  • Deep knowledge of JSIG, ICD 503, NIST 800‑53, DoD RMF (DoDI 8510.01).
  • Proven success obtaining ATO/IATT/IATO for PL‑2‑4 systems on NIPR, SIPR, and JWICS networks.
  • Familiarity with SAP security, compartmented access controls, and COMSEC key management.
  • Experience leading cross‑functional security teams (ISSM, ISSO, ISSE).
  • Strong communication and stakeholder‑management abilities to interface with DISA, NSA, DIA, service CIOs, and government ISSMs.
  • Active DoD Top Secret (TS/SCI‑eligible) clearance.
  • Additional certifications such as PMP, CISSP‑ISSAP, or CIPP are a plus.
  • Healthcare Benefits US Roles: Comprehensive medical, dental, and vision plans at little to no cost to you.
  • UK & AUS Roles: We cover full cost of medical insurance premiums for you and your dependents.
  • IE Roles: We offer an annual contribution toward your private health insurance for you and your dependents.
  • Additional Benefits Income Protection : Anduril covers life and disability insurance for all employees.
  • Generous time off : Highly competitive PTO plans with a holiday hiatus in December.
  • Caregiver & Wellness Leave is available to care for family members, bond with a new baby, or address your own medical needs.
  • Family Planning & Parenting Support: Coverage for fertility treatments (e.g., IVF, preservation), adoption, and gestational carriers, along with resources to support you and your partner from planning to parenting.
  • Mental Health Resources: Access free mental health resources 24/7, including therapy and life coaching.
  • Additional work-life services, such as legal and financial support, are also available.
  • Professional Development: Annual reimbursement for professional development
  • Commuter Benefits: Company-funded commuter benefits based on your region.
  • Relocation Assistance: Available depending on role eligibility.
  • Retirement Savings Plan US Roles: Traditional 401(k), Roth, and after-tax (mega backdoor Roth) options.
  • UK & IE Roles: Pension plan with employer match.
  • AUS Roles: Superannuation plan.
Track Jobs with Teal

Job Search Resources

Resume Builder
Resume Examples
Cover Letter Examples

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service