Information Systems Security Engineer

Discover open roles and opportunities in our portfolio

A thriving economy in space is needed to make life on Earth more vibrant, sustainable, and equitable. Space technology will enable global access to information, solutions to climate change, answers to global food security, products that transform healthcare, clean energy production, and more. Today, rocket launch options are slow, expensive, and unreliable. Stoke is building the world’s most efficient fully and rapidly reusable rocket designed to fly daily that will radically increase access to space and open up the space economy to safeguard our precious home, Earth.

Description

Reusable launch systems are the key to seamlessly connecting Earth and space. Security and compliance with applicable frameworks are foundational to these efforts. As an Information Systems Security Engineer in Stoke Space’s Information Technology department, you’ll be the person ensuring that our information security posture meets our rapidly growing needs and achieves our ISO 27001:2022 compliance obligations while facilitating a successful startup culture as we race towards our first launch of Nova.

We are a small and motivated team, and you will work across the entire Stoke organization and across product teams to define our ISMS scope, perform risk assessments, and implement security controls as necessary. Additionally, you will align our ISO 27001:2022 controls with our other GRC frameworks including NIST and FedRAMP.

You must be ready to stay focused, move fast, self-direct, and learn on the fly.

Responsibilities

• Lead the development, implementation, and continuous improvement of the ISO/IEC 27001:2022-compliant ISMS
• Own the risk assessment process, including identifying, evaluating, and treating information security risks
• Define, document, and enforce security policies, standards, and procedures in alignment with ISO 27001:2022 Annex A controls
• Monitor and analyze security systems and alerts to identify suspicious activities and respond to potential threats
• Conduct regular security audits and vulnerability assessments to identify and mitigate potential risks
• Align the organization’s ISO 27001 implementation with complementary security frameworks such as NIST 800-53, NIST 800-171, FedRAMP and SOC 2, where applicable
• Collaborate with cross-functional teams to integrate security controls into business processes, IT systems, and engineering development
• Stay current with changes to ISO standards, emerging threats, and evolving compliance obligations
• Assist with hands-on system administration tasks, particularly those related to security configurations
• Perform additional duties as assigned to support organizational goals and objectives

Qualifications

• Exceptional understanding of IT infrastructure, including applications, networks, servers, storage, and cloud technologies
• Strong analytical and problem-solving skills to identify, address, and mitigate security risks and issues
• Bachelor’s degree in Computer Science, Cybersecurity or related field
• 5+ years of experience in Information Security field
• Deep understanding of ISO/IEC 27001:2022, including Annex A controls and risk-based implementation

Preferred Qualifications

• Relevant certifications such as ISO/IEC 2700:2002 Lead Implementer, CISSP, or CISA
• Knowledge of other frameworks (e.g., NIST 800-53/171, SOC 2) is a plus
• Experience in aerospace and/or manufacturing organizations
• Prior experience working in a startup environment, demonstrating adaptability, resourcefulness, and a hands-on approach to security management
• Equity – We know that our employees are the reason we succeed. To give everyone a stake in our future, we are pleased to offer equity in the form of stock options to all regular, full-time employees.
• Company-paid life and disability insurance
• 401(k) plan with employer match
• Holidays – 10 days (including an end-of-year closure)
• On-site gym or monthly wellness stipend (depending on location)
• Dog friendly offices!

Compensation

Target Levels:

• Level 3 range: $127,200 - $190,800
• Level 4 range: $152,600 - $229,000

Our job posts are intentionally written to attract a wide variety of experience levels, and we make decisions about the right fit on a per-candidate basis.

Your actual level and base salary will be decided based on your specific experience and skill level.

To conform to U.S. Government space technology export regulations, including the International Traffic in Arms Regulations (ITAR), you must be a U.S. citizen, lawful permanent resident of the U.S., protected individual as defined by 8 U.S.C. 1324b(a)(3), or eligible to obtain the required authorizations from the U.S. Department of State.

The Company is an Equal Opportunity Employer, including with respect to disability and veteran status. It is committed to compliance with all equal opportunity laws, including the Immigration and Nationality Act (INA) and Title VII. It does not discriminate on the basis of nationality, race, citizenship, immigration status, or any other protected class when it comes to employment practices, including hiring.

Employment at the Company is contingent upon satisfactory completion of reference and backgroundchecks, and on your ability to prove your identity and authorization to work in the U.S. for the Company. Employees must comply with the United States Citizenship and Immigration Services employment verification requirements, and, therefore, they must complete an Employment Eligibility Verification Form I-9 at the start of employment and re-verify authorization to work periodically.

Separate from this I-9 process, this position entails access to certain technology and technical data that is restricted under U.S. export control laws and regulations. Employment or continued employment may be conditioned on your legal authorization to work with or have access to export control materials as necessary to perform your job.