Be more than just an employee number! Join Terran Orbital, a leader in innovation, manufacturing, and operations in the satellite industry. We are a pioneer in the miniaturization of space technologies and the delivery of responsive space solutions. We are a unique, fast-growing, and trusted team focused on quickly and economically designing, building, launching, and operating state-of-the-art satellites for advanced mission constellations.

Terran Orbital is seeking an experienced Director of Cybersecurity to join our growing team. The Director of Cybersecurity will be responsible for overseeing and enhancing the overall security posture and networking infrastructure of the organization. This position requires a deep understanding of cybersecurity, compliance frameworks such as CMMC v2, NIST, and the ability to develop and implement effective security policies.

Key Duties and Responsibilities

1. Cybersecurity Leadership:
1. Develop and execute a comprehensive cybersecurity strategy in alignment with business objectives.
2. Stay abreast of the latest cyber threats, vulnerabilities, and industry best practices to ensure proactive security measures.
2. CMMC v2 Compliance:
1. Lead the organization's efforts in achieving and maintaining compliance with CMMC v2 requirements.
2. Collaborate with cross-functional teams to implement and monitor controls necessary for CMMC compliance.
3. NIST Framework:
1. Apply and enforce NIST cybersecurity framework principles throughout the organization.
2. Conduct regular risk assessments and implement mitigation strategies based on NIST guidelines.
4. Policy Development and Enforcement:
1. Develop, implement, and manage cybersecurity policies and procedures to ensure the confidentiality, integrity, and availability of information assets.
2. Ensure all employees are trained on and adhere to established cybersecurity policies.
5. Incident Response and Investigation:
1. Develop and maintain an incident response plan, including coordination with relevant stakeholders.
2. Conduct investigations into security incidents, breaches, and vulnerabilities, providing recommendations for improvements.
6. Vendor Management:
1. Evaluate and manage cybersecurity vendors to ensure their products and services align with the organization's security requirements.
2. Establish and maintain strong relationships with external partners and vendors.
7. Threat Intelligence and Monitoring:
1. Threat Intelligence: Establish and maintain a threat intelligence program to proactively identify and mitigate emerging threats.
2. Continuous Monitoring: Implement advanced monitoring tools and techniques to continuously monitor the organization's network for suspicious activities.
8. Data Protection and Privacy:
1. Data Governance: Develop and enforce data protection policies to ensure compliance with data privacy regulations such as GDPR, CCPA, etc.
2. Encryption Standards: Ensure the implementation of robust encryption standards for data at rest and in transit.
9. Business Continuity and Disaster Recovery:
1. BC/DR Planning: Develop and maintain business continuity and disaster recovery plans to ensure the organization can quickly recover from cyber incidents.
2. Regular Testing: Conduct regular drills and simulations to test the effectiveness of BC/DR plans.
10. Security Awareness and Training:
1. Security Culture: Foster a culture of security awareness across the organization through regular training and awareness programs.
2. Phishing Simulations: Conduct periodic phishing simulations to test and improve employee awareness and response to phishing attacks.

1. Regulatory Compliance and Audits:
1. Audit Management: Coordinate and manage internal and external cybersecurity audits to ensure compliance with regulatory requirements.
2. Regulatory Updates: Stay informed about changes in cybersecurity regulations and ensure the organization adapts to maintain compliance.

1. Collaboration with Network Engineering:
1. Advisory Role: Work closely with the Senior Network Engineer to ensure that network security measures are aligned with overall cybersecurity strategy.
2. Security Integration: Provide guidance on integrating security best practices into network design, implementation, and maintenance.
3. Joint Initiatives: Collaborate on joint initiatives to enhance network security, such as implementing zero-trust architecture and advanced threat detection systems.