Cyber Security Specialist Senior - Security

York Space Systems was founded to radically improve spacecraft affordability and reliability, transforming, and enabling next- generation space mission operations worldwide. Today, York is one of the most innovative aerospace companies, specializing in end-to-end customer solutions and the rapid production of spacecraft platforms. York's complete Space Segment Solution includes spacecraft production, payload integration, system integration & test, launch services, ground segment services, and mission operations, enabling customers to leverage York's existing technology solutions to get to orbit rapidly and responsively. We're looking to expand our team across the board.

York Space Systems is seeking a Senior Cybersecurity Specialist to lead cybersecurity operations within the corporate environment with a distinct emphasis on penetration testing and offensive security assessments. This role will balance day-to-day SOC and vulnerability management duties with planning and executing authorized penetration tests, red/purple team activities, and translating findings into prioritized remediation and executive-level reports.

The selected candidate will bring strong operational expertise, hands-on offensive and defensive technical skills, and the ability to manage sensitive testing scopes for space and DoD systems while supporting compliance with applicable standards (e.g., NIST SP 800-171, CMMC Level 2, DFARS). Please note this position is fully onsite in Greenwood Village, CO, Monday - Friday.

RESPONSIBILITES:

Cybersecurity Operations

• Lead daily cybersecurity operations, including monitoring, alert triage, incident response, and remediation.

• Manage and optimize enterprise security tools (EDR, SIEM, vulnerability scanners, identity management, firewalls).

• Conduct threat hunting and forensic analysis to identify suspicious activity across endpoints, networks, and cloud environments.

• Oversee vulnerability management lifecycle from scanning and prioritization to remediation and reporting.

• Maintain and enhance incident response playbooks; lead tabletop exercises and post-incident reviews.

• Collaborate with IT, engineering, and compliance teams to ensure controls are implemented and effective.

• Provide operational guidance on compliance frameworks (e.g., NIST SP 800-171, CMMC Level 2).

• Build and maintain dashboards, metrics, and executive-level reports on overall security posture.

• Interface with MSSPs, investigate escalations, and coordinate control improvements.

Satellite Penetration Testing

• Plan, scope, and execute authorized penetration tests for York's satellites and supporting ground infrastructure in controlled, non-flight environments.

• Conduct reconnaissance, vulnerability scanning, and exploit validation for spacecraft subsystems, payload interfaces, command and telemetry links, and ground-station software, as authorized.

• Work with mission operations, systems engineering, and legal/safety teams to ensure testing aligns with operational and export-control requirements.

• Analyze penetration test findings, document exploitable paths, and produce risk-ranked reports with technical and executive summaries.

• Communicate vulnerabilities, mission impacts, and remediation priorities to engineering and management teams.

• Validate remediation effectiveness through follow-up testing and control verification.

REQUIRED QUALIFICATIONS:

• Bachelor's Degree in Cybersecurity, Computer Science, Information Systems, or related field AND 6 years of directly related experience in IT, networking, or security, OR an equivalent combination of education and experience.

• Minimum 6 years of experience in cybersecurity operations (SOC, incident response, vulnerability management, or equivalent).

• Strong knowledge of enterprise IT environments (Windows/Linux endpoints, Active Directory, networking fundamentals).

• Experience with SIEM/EDR solutions.

• Hands-on experience with incident response and root cause analysis.

• Familiarity with NIST SP 800-171, CMMC, or other compliance frameworks.

• Familiarity with satellite, embedded, or mission-critical systems preferred, or willingness to learn.

• Relevant certification(s): CISSP (Preferred), Security+, CySA+, GCIA, GCIH, Pentest+, OSCP, PNPT.

• Strong analytical, problem-solving, and documentation skills.

• Ability to obtain and maintain a Secret clearance or higher.

PREFERRED QUALIFICATIONS:

• Experience with cloud security operations and monitoring.

• Knowledge of vulnerability management platforms and remediation workflows.

• Familiarity with firewalls, IDS/IPS, VPNs, and identity management systems.

• Scripting/programming skills (e.g., Python, PowerShell, Bash) for automation and exploit validation in controlled test environments.

• Knowledge of threat intelligence platforms and adversary tactics (MITRE ATT&CK).

• Experience in security awareness training and phishing simulations.

• Experience conducting authorized penetration testing or red/purple team operations on mission-critical systems, preferably in aerospace, satellite, or other embedded/industrial environments.

• Understanding of satellite and ground-segment architectures (telemetry, command links, payload interfaces, bus subsystems, and mission operations networks) or willingness to learn domain-specific systems.

• Working knowledge of secure coding, embedded security, or firmware testing concepts is a plus.

• Experience mentoring junior analysts or leading small project teams.

• Strong communication skills with both technical and non-technical stakeholders.

Benefits
In addition to compensation, York Space Systems is proud to offer a comprehensive benefits package including medical, dental, and vision insurance along with PTO and a 401K.

How To Apply
Interested candidates are encouraged to apply by clicking the "Apply" link at the top of the page. York Space Systems will be accepting applications on a rolling basis until the position is closed. York Space Systems provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, military or protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws. Must have permanent authorization to work in the United States. This policy applies to all terms and conditions or employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training. YORK SPACE SYSTEMS IS AN EEO EMPLOYER.