Cybersecurity Administrator II - CUI
Ursa Major Technologies
The future of aerospace and defense starts here.
Ursa Major was founded to revolutionize how America and its allies access and apply high-performance propulsion, from hypersonics to solid rocket motors, satellite maneuvering and launch. We design and deliver propulsion and defense systems that solve the most urgent and critical national security demands.
We are bringing a new model to space access: one in which every link in an enormous value chain isn’t limited by those around it. We design rocket engines and propulsion solutions.
Our products and technologies require an extraordinary team. A team that will ensure the security of tomorrow’s technologies while deploying today’s best. We are an intrinsically motivated team with a passion for solving problems and empowering each other every day to develop our skills, knowing that there is always room for growth.
The Cybersecurity Administrator II is a technical leadership role responsible for overseeing the organization’s cybersecurity strategy with a primary focus on risk mitigation for Controlled Unclassified Information (CUI). This position involves managing advanced security infrastructure, conducting high-level risk assessments, and leading the implementation of security policies to ensure compliance with federal regulations such as NIST SP 800-171 and CMMC. The Administrator will collaborate with stakeholders to reduce the probability of a material impact due to a cyber event, specifically targeting the protection of sensitive data flows.
Responsibilities:
- Risk Mitigation & CUI Oversight
- Identify and Prioritize Risks: Conduct high-level risk assessments and threat modeling specifically focused on the protection of CUI and Federal Contract Information (FCI).
- Develop Mitigation Strategies: Oversee the implementation and advancement of comprehensive risk mitigation strategies to ensure data integrity and confidentiality at the CUI level.
- Data Flow Analysis: Work with stakeholders and external vendors to ensure risk management and CUI handling protocols are embedded in all applicable organizational processes and systems.
- Technical Controls: Establish and enforce advanced security policies and protocols across the organization to meet stringent federal data protection standards.
- Security & Compliance Management
- Infrastructure Optimization: Manage and optimize security infrastructure, including firewalls, IDS/IPS, and SIEM systems, ensuring they are tuned to detect threats against sensitive data environments.
- Federal Compliance Leadership: Lead the technical implementation of compliance programs to adhere to CMMC, NIST (800-171/800-53), FISMA, and FedRAMP.
- Documentation & Auditing: Develop and maintain critical documentation, including System Security Plans (SSPs), Risk Assessment Reports (RARs), and Plan of Action and Milestones (POA&M) specifically for CUI-governed systems.
- Audit Readiness: Oversee regular compliance audits and assessments, ensuring all findings related to CUI protection are addressed promptly.
- Incident Response & Mentorship
- Directed Response: Lead the development of incident response plans and manage efforts for cybersecurity incidents, ensuring effective containment and recovery of impacted CUI assets.
- Post-Incident Analysis: Conduct detailed post-incident analysis to extract lessons learned and improve future risk mitigation strategies.
- Training and Awareness: Develop and lead cybersecurity training programs for employees and junior staff, focusing on proper CUI handling and compliance requirements.
Qualifications:
- Education & Experience: Minimum of 5-7 years of experience in cybersecurity, with a heavy focus on risk management and federal data protection.
- An equivalent combination of a Master’s degree with 1-3 years of experience, or a Bachelor’s degree with 3-5 years of experience is acceptable.
- Regulatory Expertise: Extensive experience working with government contracts and a deep understanding of federal cybersecurity regulations, particularly NIST SP 800-171 and CMMC.
- Certifications: Advanced certifications such as CISSP, CISM, or CISA are preferred; specialized risk certifications like CRISC or CEH are a significant plus.
- Skills: Advanced proficiency in security technologies (SIEM, firewalls, IDS/IPS).
- Clearance: Ability to obtain and maintain government security clearance is strongly preferred.
- Strong leadership, mentorship, and communication skills to bridge the gap between technical requirements and management goals.
Colorado law requires us to tell you the base compensation range of this role, which is $94,000 - $117,000, determined by your education, experience, knowledge, skills, and abilities. The salary range for this role is intentionally wide as we are evaluating individuals based on their unique experience and abilities to fit our needs. Most importantly, we are excited to meet you, and see if you are a great fit for our team. What we can’t quantify for you are the exciting challenges, supportive team, and amazing culture we enjoy.
Classification: Full-Time, Exempt
Click here for more information about our awesome benefits.
Benefits Include: (Please note, Interns are not eligible for benefits)
- Unlimited PTO - Vacation, Sick, Personal, and Bereavement
- Paid Parental and Adoptive Leave
- Medical, Dental and Vision Insurance
- Tax Advantage Accounts (HSA/FSA)
- Employer Paid Short and Long Term Disability, Basic Life, AD&D
- Additional Benefit Options Including Voluntary Life and Emergency Medical Transport
- EAP Program
- Retirement Savings Plan - Traditional 401(k) and a Roth 401(k)
- Equity Grants in the Company
How To Apply:
Interested candidates are encouraged to apply by filling out the application below and clicking "Submit Application". This position will be posted for a minimum of 3 days and will remain open until filled or adjusted based on the volume of applicants.