Apply on Employer Site

Anduril Industries · 3 hours ago

Senior Manager, Cyber Assurance

Costa Mesa, CA

Full-time

Onsite

Senior Level, Lead/Staff

$191K/yr - $253K/yr

8+ years exp

Anduril Industries is a defense technology company with a mission to transform U.S. and allied military capabilities with advanced technology. They are seeking a Senior Manager, Cyber Assurance to provide strategic and operational leadership for the Cyber Assurance Team, ensuring cybersecurity authorizations and compliance with security policies throughout the system lifecycle.

AerospaceArtificial Intelligence (AI)GovernmentMilitaryNational Security

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Define the CAT vision, objectives, and performance metrics

Prioritize and allocate resources across ISSM, ISSO, and ISSE tasks to meet program milestones

Direct the end‑to‑end RMF lifecycle (categorization, control selection, implementation, assessment, authorization, and continuous monitoring) for all classified systems

Ensure System Security Plans (SSP), Security Assessment Reports (SAR), and POA&Ms are authored, reviewed, and updated in coordination with the ISSM

Supervise, mentor, and evaluate ISSM, ISSO, and ISSE personnel; maintain certification currency and professional development

Conduct regular CAT meetings, status briefings, and after‑action reviews

Oversee the continuous monitoring program, integrating findings from Splunk, Tenable, and other security tools

Manage GRC platforms (eMASS, Xacta) to track security artifacts, compliance evidence, and audit trails

Serve as Responsible Officer (or designate an Alternate) for COMSEC operations, ensuring proper key generation, distribution, accounting, and crypto‑erase processes

Lead risk‑assessment workshops to identify threats, vulnerabilities, and mitigation strategies specific to each protection level

Direct incident‑response activities, coordinating with the ISSO, ISSE, and government incident‑response teams

Provide executive briefings on authorization status, security posture, and risk‑based decisions

Contribute security guidance and accreditation strategies during proposal development, preliminary design reviews (PDR), and critical design reviews (CDR)

Ensure security architecture documentation is incorporated into proposal deliverables

Ensure zero critical POA&M items remain open beyond 90 days; drive timely closure of all findings

Prepare for and support government security‑assessment visits, ensuring no findings that could suspend an ATO

Drive and monitor vulnerability‑remediation timelines – Establish and enforce the CAT‑I (≤ 15 days), CAT‑II (≤ 30 days) and CAT‑III (≤ 90 days) remediation windows for all identified findings; implement a tracking dashboard, conduct weekly status reviews, and intervene when any ticket approaches its deadline

Guarantee STIG compliance across the environment – Direct the team to achieve and sustain DISA‑STIG compliance scores of ≥ 95 % on every managed system, using automated configuration‑validation tools (e.g., Puppet, SCAP) and periodic audit checkpoints

Ensure incident‑response SLAs are met – Define severity‑based response and resolution targets, supervise the incident‑response workflow, and verify that all security events are closed within the agreed‑upon SLA windows; report outliers to senior leadership and trigger corrective‑action plans

Implement performance‑tracking and reporting – Develop key‑performance indicators (KPIs) for each of the above areas, produce weekly and monthly status briefs for the ISSO/ISSM and the USG Digital‑Infrastructure Working Group, and adjust resources or processes proactively to meet contractual obligations

Qualification

Cybersecurity leadershipNIST 800-53DoD RMFCISSPJSIGIncident responseRisk assessmentSecurity complianceStakeholder managementTeam leadershipCommunication skillsMentoring

Required

Bachelor's degree in Computer Science, Information Security, or related field

8+ years of progressive cyber‑security leadership experience in DoD or classified environments

AM/IAT Level III (CISSP, CASP+, CISM, or equivalent)

Deep knowledge of JSIG, ICD 503, NIST 800‑53, DoD RMF (DoDI 8510.01)

Proven success obtaining ATO/IATT/IATO for PL‑2‑4 systems on NIPR, SIPR, and JWICS networks

Familiarity with SAP security, compartmented access controls, and COMSEC key management

Experience leading cross‑functional security teams (ISSM, ISSO, ISSE)

Strong communication and stakeholder‑management abilities to interface with DISA, NSA, DIA, service CIOs, and government ISSMs

Active DoD Top Secret (TS/SCI‑eligible) clearance

Preferred

Master's degree in Computer Science, Information Security, or related field

Additional certifications such as PMP, CISSP‑ISSAP, or CIPP

Benefits

Comprehensive medical, dental, and vision plans at little to no cost to you.

We cover full cost of medical insurance premiums for you and your dependents.

We offer an annual contribution toward your private health insurance for you and your dependents.

Income Protection: Anduril covers life and disability insurance for all employees.

Generous time off: Highly competitive PTO plans with a holiday hiatus in December. Caregiver & Wellness Leave is available to care for family members, bond with a new baby, or address your own medical needs.

Family Planning & Parenting Support: Coverage for fertility treatments (e.g., IVF, preservation), adoption, and gestational carriers, along with resources to support you and your partner from planning to parenting.

Mental Health Resources: Access free mental health resources 24/7, including therapy and life coaching. Additional work-life services, such as legal and financial support, are also available.

Professional Development: Annual reimbursement for professional development

Commuter Benefits: Company-funded commuter benefits based on your region.

Relocation Assistance: Available depending on role eligibility.

Traditional 401(k), Roth, and after-tax (mega backdoor Roth) options.

Pension plan with employer match.

Superannuation plan.