Sr. Information Security Engineer

If you are looking for a challenging opportunity that will ignite your passion for designing cool and innovative products, are exceptionally creative, are a great problem solver and can make things happen - apply today!

Virgin Galactic is seeking a Senior Information Security Engineer with broad experience across network security, cloud security, and modern security platforms. This role will lead the design, implementation, and continuous improvement of security controls that protect on-prem and cloud infrastructure, applications, and users against evolving threats.

This is a hands-on engineering position for someone who enjoys solving complex problems, improving security maturity, and building scalable processes. The ideal candidate is comfortable operating as a technical lead, a trusted advisor to IT and engineering teams, and a security subject matter expert (SME) across multiple domains.

Responsibilities

• Lead the strategy, evaluation, design, and implementation of security tools, processes, and controls to ensure security and privacy are built into Virgin Galactic’s on-prem and cloud environments in alignment with policy and governance requirements
• Serve as a security SME for cyber threats, risk mitigation, and security architecture across multiple cloud environments
• Drive improvements in security architecture and operational maturity using a Zero Trust philosophy, partnering with IT and infrastructure teams to design, implement, and optimize controls
• Identify security gaps across network infrastructure, prioritize remediation work with internal teams, and recommend long-term improvements
• Establish foundational processes and capabilities supporting a Red Team / Blue Team model (detection engineering, adversary simulation support, purple-team exercises, and continuous improvement loops)
• Act as the technical lead for Incident Response during security incidents, making timely and effective decisions regarding containment, eradication, recovery, and post-incident actions
• Partner with third-party providers and services (MDR, MSSP, DFIR, penetration testers, etc.) to improve detection, response, and security posture
• Stay current with emerging threats and security best practices, and translate them into actionable engineering improvement
• Mentor junior security team members and help grow internal knowledge through coaching, review, and technical guidance
• Support leadership and represent the security organization in cross-functional meetings as needed
• Create and maintain high-quality technical documentation, standards, diagrams, and runbooks
• Perform other duties as assigned
• Work collaboratively to achieve goals and/or complete assigned tasks
• Adhere to set directions and guidelines from team leader to support collaboration across teams to complete projects
• Perform additional responsibilities as assigned by the Team Lead, Manager, or Director

Required Skills and Experience

• Typically requires bachelor’s degree in computer science, Information Security, Engineering, Cybersecurity or related field and/or equivalent level of experience with 8 years of hands-on cybersecurity engineering experience, with a strong focus on securing multi-site enterprise networks
• Strong background in IT infrastructure and networking.
• Practical experience with information security tools, including EDR, SIEM, SOAR, SWG, and SASE, with the ability to tune policies and improve user experience.
• Strong understanding of Zero Trust principles and the ability to translate them into real-world architecture and control improvements
• Experience securing cloud workloads in a multi-cloud environment (Azure strongly preferred)
• Strong analytical and problem-solving skills, including the ability to assess complex security issues, analyse data, and develop practical, effective solutions
• Excellent communication and collaboration skills, including the ability to explain technical concepts to both technical and non-technical stakeholders
• Strong writing skills for technical documentation, standards, incident reports, and runbooks
• Ability to work self-directed in a fast-paced engineering environment; must be proactive in identifying problems and driving them through to closure
• Experience designing and improving security monitoring and detection engineering practices (use-case development, alert tuning, signal-to-noise improvements)
• Experience working closely with MDR, MSSP, DFIR, and penetration testing partners to improve security outcomes
• Experience implementing automation techniques to enhance operational processes, with practical coding experience and proficiency in automation tools
• Strong understanding of incident response processes and familiarity with forensic or investigation workflows
• Must demonstrate organizational and time management skills
• Ability to communicate in a manner that is timely, respectful, and open to other ideas
• 🎯

  Optimize Your Resume for This Job

  Get a match score and see exactly which keywords you're missing

  📊 Optimize Resume