Position: Sr. InfoSec Engineer
About the Company
goTenna believes that preparedness leads to better outcomes – a multi-layered service goTenna provides straight out of the box with network setup, training, and execution. We are advancing universal access to connectivity by building the world's most intelligent and scalable mobile mesh networks. goTenna is the world's leading mobile mesh networking company, providing off-grid connectivity solutions for smartphones and other devices, as well as augmenting traditional communications networks. This technology enables mobile, long-range connectivity even without cellular service, Wi-Fi, or satellite connectivity. goTenna's drive to create resilient connectivity began during Hurricane Sandy in 2012, when approximately a third of cell towers and power stations in affected areas failed. goTenna believes that preparedness leads to better outcomes – a multi-layered service goTenna provides straight out of the box with network setup, training, and execution. Based in Brooklyn, New York, goTenna is a proud partner of the United States military, first responders, and law enforcement, among others, and is backed by investors, including Founders Fund, Union Square Ventures, Comcast Ventures, Collaborative Fund, and Bloomberg Beta.
About the Role
goTenna is seeking an Information Security professional to help the company achieve security authorizations (ATTs/ATOs) and accreditations for our and company IT infrastructure. As an Information Security Engineer, you will play a crucial role in developing and implementing security measures to safeguard our systems, networks, and data. This highly visible position provides an exciting opportunity to contribute to expanding goTenna’s customer base of government agencies with high security requirements.
As an InfoSec Engineer you will be responsible for maintaining security of our IT infrastructure/products and helping us to achieve various information security compliance certifications. In this position, you will have company-wide oversight of security and will work with teams (and consultants) to ensure security best practices are maintained across the organization. In this role you will:
-
Drive information security compliance initiatives and ensure implementation.
-
Have oversight of our IT consultants, ensuring that our IT infrastructure is maintained according to security best practices.
-
Be the subject matter expert for information security.
If you are a person who enjoys working in a creative startup environment and is excited about playing an important role in our company's success, this role is for you.
Primary responsibilities:
-
Collaborate with cross-functional teams to assess security risks and develop effective strategies for mitigating them.
-
Implement and manage security policies, procedures, and best practices to protect the organization from threats.
-
Create and maintain Authorization and Accreditation packages to include System Security Plans, Authorization Boundary Diagrams, Information Security Threat modeling and other required deliverables.
-
Field complex compliance questions from stakeholders throughout the company.
-
Play a key role in producing, updating, maintaining and enforcing information systems security policies, standards, and methodologies. Enforcement includes direct oversight of IT consultants and testing of critical cyber security controls.
-
Planning and execution of cybersecurity practices.
-
Identify and evaluate information security risks; implement IT process solutions that mitigate those risks.
-
including reviews, pursuit status, teaming decisions, pricing and win strategies.
Required Experience:
-
Bachelor's degree in information technology, information security, or computer science, or 6 years of relevant experience.
-
Experience with design, implementation, compliance, and testing of cybersecurity controls.
-
Ability to obtain and maintain a security clearance.
-
Certified Information Systems Security Professional (CISSP)
-
DOD information security compliance implementation experience (CMMC).
-
Familiarity with public and private cloud security services, concepts, and best practices, including multi-layer implementation with government clouds (i.e Azure GCC, AWS Gov Cloud)
-
Proficiency with Single Sign On (SSO) Technologies and Implementations
-
Strong knowledge of security frameworks, standards, and best practices (e.g., Zero Trust and Cybersecurity Frameworks, specifically ISO 27001, NIST 800-171 and NIST 800-207)
-
Proven experience in information security, including risk management, intrusion detection, and incident response.
-
Familiarity with security tools and technologies, including firewalls, IDS/IPS, SIEM, and antivirus solutions.
-
Proficiency in network security, encryption technologies, and secure coding practices.
-
End-point Security and Mobile Device Management (MDM)
-
Application and Web Security
-
Container and Microservices Security
-
Design and assurance of Automated Testing (CI/CD Pipelines / DevSecOps Processes)
Preferred Experience:
-
Certified CMMC Professional
-
Certified Information Security Manager (CISM), or similar certifications are a plus.
-
CompTIA Security+, Certified Ethical Hacker (CEH),
-
Offensive Security Certified Professional (OSCP), or Cloud-specific certifications (Azure Security Engineer, ...)
-
Experience managing IT documentation processes.
-
IT project management experience.
-
Thrives in a fast-paced, high growth, rapidly changing environment.
-
Demonstrated ability to identify and implement process improvement.
ITAR: U.S. Citizen or Green Card Required
Placement at the appropriate job level (entry, senior, etc.) will be determined by a combination of years of experience, demonstration of proficiency in this field, and other qualifications.
goTenna is an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.
goTenna Benefits:
-
Equity
-
401(k) plan
-
Unlimited PTO
-
Parental Leave with Pay
-
Holiday pay (including December recess)
-
Medical, Dental, Vision and life insurance
-
Pre-tax benefits
-
Short- and Long-term disability plans
-
Professional Education Stipend