Your space-enabled career begins here

If you are looking for a challenging opportunity that will ignite your passion for designing cool and innovative products, are exceptionally creative, are a great problem solver and can make things happen - apply today!

Virgin Galactic is seeking a Senior Information Security Engineer with broad experience across network security, cloud security, and modern security platforms. This role will lead the design, implementation, and continuous improvement of security controls that protect on-prem and cloud infrastructure, applications, and users against evolving threats.

This is a hands-on engineering position for someone who enjoys solving complex problems, improving security maturity, and building scalable processes. The ideal candidate is comfortable operating as a technical lead, a trusted advisor to IT and engineering teams, and a security subject matter expert (SME) across multiple domains.

Responsibilities

• Lead the strategy, evaluation, design, and implementation of security tools, processes, and controls to ensure security and privacy are built into Virgin Galactic’s on-prem and cloud environments in alignment with policy and governance requirements
• Serve as a security SME for cyber threats, risk mitigation, and security architecture across multiple cloud environments
• Drive improvements in security architecture and operational maturity using a Zero Trust philosophy, partnering with IT and infrastructure teams to design, implement, and optimize controls
• Identify security gaps across network infrastructure, prioritize remediation work with internal teams, and recommend long-term improvements
• Establish foundational processes and capabilities supporting a Red Team / Blue Team model (detection engineering, adversary simulation support, purple-team exercises, and continuous improvement loops)
• Act as the technical lead for Incident Response during security incidents, making timely and effective decisions regarding containment, eradication, recovery, and post-incident actions
• Partner with third-party providers and services (MDR, MSSP, DFIR, penetration testers, etc.) to improve detection, response, and security posture
• Stay current with emerging threats and security best practices, and translate them into actionable engineering improvement
• Mentor junior security team members and help grow internal knowledge through coaching, review, and technical guidance
• Support leadership and represent the security organization in cross-functional meetings as needed
• Create and maintain high-quality technical documentation, standards, diagrams, and runbooks
• Perform other duties as assigned
• Work collaboratively to achieve goals and/or complete assigned tasks
• Adhere to set directions and guidelines from team leader to support collaboration across teams to complete projects
• Perform additional responsibilities as assigned by the Team Lead, Manager, or Director

Required Skills and Experience

• Typically requires bachelor’s degree in computer science, Information Security, Engineering, Cybersecurity or related field and/or equivalent level of experience with 8 years of hands-on cybersecurity engineering experience, with a strong focus on securing multi-site enterprise networks
• Strong background in IT infrastructure and networking.
• Practical experience with information security tools, including EDR, SIEM, SOAR, SWG, and SASE, with the ability to tune policies and improve user experience.
• Strong understanding of Zero Trust principles and the ability to translate them into real-world architecture and control improvements
• Experience securing cloud workloads in a multi-cloud environment (Azure strongly preferred)
• Strong analytical and problem-solving skills, including the ability to assess complex security issues, analyse data, and develop practical, effective solutions
• Excellent communication and collaboration skills, including the ability to explain technical concepts to both technical and non-technical stakeholders
• Strong writing skills for technical documentation, standards, incident reports, and runbooks
• Ability to work self-directed in a fast-paced engineering environment; must be proactive in identifying problems and driving them through to closure
• Experience designing and improving security monitoring and detection engineering practices (use-case development, alert tuning, signal-to-noise improvements)
• Experience working closely with MDR, MSSP, DFIR, and penetration testing partners to improve security outcomes
• Experience implementing automation techniques to enhance operational processes, with practical coding experience and proficiency in automation tools
• Strong understanding of incident response processes and familiarity with forensic or investigation workflows
• Must demonstrate organizational and time management skills
• Ability to communicate in a manner that is timely, respectful, and open to other ideas
• Demonstrate willingness to adjust thinking and behaviour

Physical and/or Additional Requirements

• Must be able to work flexible hours outside of normal business hours
• Be part of on call rotation
• Must be able to sit or stand for extended periods
• Must be a “U.S. person” as defined by the ITAR (22 CFR §120.15)
• Must be able to stoop, bend, crawl, and being able to maneuver in tight spaces
• Ability to routinely lift 20-30 lbs. and occasionally lift and move 40 lbs (unassisted)

#LI-HS1

The annual U.S. base salary range for this full-time position is $112,157.00–$162,662.00. The base pay actually offered will vary depending on job-related knowledge, skills, location, and experience and take into account internal equity. Other forms of pay (e.g., bonus or long term incentive) may be provided as part of the compensation package, in addition to a full range of medical, financial, and other benefits, dependent on the position offered. For more information regarding Virgin Galactic benefits, please visit https://vgcareers.virgingalactic.com/global/en/benefits

Who We Are

Virgin Galactic is an aerospace and space travel company, pioneering human spaceflight for private individuals and researchers with its advanced air and space vehicles. We are making the dream of space travel a reality, delivering spaceflight at an unprecedented frequency, with the development of next generation space vehicles.

Export Requirements
To conform to U.S. Government export regulations, applicant must be a U.S. Person (either a U.S. citizen, a lawful permanent resident or a protected individual as defined 8 U.S.C. 1324b(a)(3) or be able to obtain the required authorization from either the U.S. Department of State or the U.S. Department of Commerce. The applicant must also not be included in the list of Specifically Designated Nationals and Blocked Persons maintained by the Office of Foreign Assets Control. See list here.

EEO Statement
Virgin Galactic is an Equal Opportunity Employer; employment with Virgin Galactic is governed on the basis of merit, competence and qualifications and will not be influenced in any manner by race, color, religion, gender, gender identity, national origin/ethnicity, veteran status, disability status, age, sexual orientation, marital status, mental or physical disability or any other legally protected status.

Drug Free Workplace
Virgin Galactic is committed to a Drug Free Workplace. All applicants post offer and active teammates are subject to testing for marijuana, cocaine, opioids, amphetamines, PCP, and alcohol when criteria is met as outlined in our policies. This can include pre-employment, random, reasonable suspicion, and accident related drug and alcohol testing.

Phoenix Employment Requirements
For individuals seeking employment at our Phoenix Mesa Gateway Airport facility, employment is contingent upon you obtaining and maintaining a TSA authorized security badge. This includes initial and annual mandatory background checks that are governed by TSA, and conducted by the Phoenix Mesa Gateway Airport badging office.