Information Security Systems Engineer

At Stoke, we believe a thriving space economy will enable a vibrant, sustainable, and equitable future here on Earth. That is why we're building Nova, our fully and rapidly reusable launch vehicle. Designed for daily flight, Nova tackles the core challenges of space transportation by reducing cost, increasing availability, and improving reliability. By radically lowering launch costs and increasing flight cadence, we're helping create a truly scalable space industry.

Our team is mission-driven, collaborative, and empowered to take ownership of their work. If you want to work alongside some of the most dedicated and talented people on Earth, we'd love to have you join us.

Description

Reusable launch systems depend on secure, resilient, and well-architected information systems. As an Information Security Systems Engineer , you will design, implement, document and continuously improve the technical security controls that protect Stoke's infrastructure, engineering environments, manufacturing systems, and sensitive aerospace data.

This is a hands-on security engineering role with ownership of Stoke's evolving information security program. You will strengthen, maintain, and mature the technical controls that protect our infrastructure, engineering systems, and manufacturing environments, while driving risk management and framework alignment efforts. You will translate regulatory requirements (including NIST 800-53/171, FedRAMP, ISO 27001, and SOC frameworks) into practical, scalable controls embedded within our systems and maintain the documentation and evidence necessary to support audits and compliance activities.

We are a small, highly motivated team. You will work across IT, software engineering, manufacturing, and operations to implement scalable security guardrails that enable teams to move fast without compromising risk posture.

You must be ready to stay focused, move quickly, self-direct, and learn on the fly.

Responsibilities

• Lead and facilitate the risk assessment process, including identifying, evaluating, and treating information security risks
• Define, document, and enforce security policies, standards, and procedures in alignment with regulatory and industry compliance standards, including NIST 800-53/171, SOC1/SOC2, ISO 27001
• Design, implement, and continuously improve security controls across cloud and on-premise systems, including identity, endpoint, network, and logging environments
• Monitor and analyze security systems and alerts to identify suspicious activities and respond to potential threats
• Conduct regular security audits and vulnerability assessments to identify and mitigate potential risks
• Collaborate with cross-functional teams to integrate security controls into business processes, IT systems, and engineering development
• Maintain and improve documentation and evidence required to support audits and compliance activities
• Assist with hands-on system administration tasks, particularly those related to security configurations
• Perform additional duties as assigned to support organizational goals and objectives

Qualifications

• Exceptional understanding of IT infrastructure, including applications, networks, servers, storage, and cloud technologies
• Strong analytical and problem-solving skills to identify, address, and mitigate security risks and issues
• Bachelor's degree in Computer Science, Cybersecurity or related field
• 5+ years of experience in the Information Security field
• Knowledge of relevant frameworks (e.g., NIST 800-53/171, SOC 2, ISO 27001)
• Excellent written and verbal communication

Preferred Qualifications

• Professional security certifications such as CISSP, GCED, GCIH, or equivalent (or ability to demonstrate equivalent practical experience)
• Experience operating in regulated environments subject to NIST 800-171, NIST 800-53, FedRAMP, ISO 27001, SOC 2, CUI handling, or similar control frameworks
• Experience integrating security into software development lifecycles (SSDLC), including threat modeling, secure code review practices, CI/CD security controls, and vulnerability remediation workflows
• Experience in regulated environments subject to strict data protection or government-driven security requirements
• Prior experience working in a startup environment, demonstrating adaptability, resourcefulness, and a hands-on approach to security management

Benefits

• Equity - We know that our employees are the reason we succeed. To give everyone a stake in our future, we are pleased to offer equity in the form of stock options to all regular, full-time employees.
• Comprehensive benefits program including subsidized medical, dental, and vision insurance
• Company-paid life and disability insurance
• 401(k) plan with employer match
• 4 weeks' Paid Time Off
• Holidays - 10 days (including an end-of-year closure)
• Paid Family/Parental Leave
• On-site gym or monthly wellness stipend (depending on location)
• Dog friendly offices!

Compensation

Target Levels:

• Level 3 range: $133,560 - $200,340
• Level 4 range: $160,230 - $240,450

Our job posts are intentionally written to attract a wide variety of experience levels, and we make decisions about the right fit on a per-candidate basis.


Your actual level and base salary will be decided based on your specific experience and skill level.

To conform to U.S. Government space technology export regulations, including the International Traffic in Arms Regulations (ITAR), you must be a U.S. citizen, lawful permanent resident of the U.S., protected individual as defined by 8 U.S.C. 1324b(a)(3), or eligible to obtain the required authorizations from the U.S. Department of State.

#LI-CP1

ITAR Requirements

To conform to U.S. Government space technology export regulations, including the International Traffic in Arms Regulations (ITAR), you must be a U.S. citizen, lawful permanent resident of the U.S., protected individual as defined by 8 U.S.C. 1324b(a)(3), or eligible to obtain the required authorizations from the U.S. Department of State.

Equal Opportunity

The Company is an Equal Opportunity Employer, including with respect to disability and veteran status. It is committed to compliance with all equal opportunity laws, including the Immigration and Nationality Act (INA) and Title VII. It does not discriminate on the basis of nationality, race, citizenship, immigration status, or any other protected class when it comes to employment practices, including hiring.


Employment at the Company is contingent upon satisfactory completion of reference and backgroundchecks, and on your ability to prove your identity and authorization to work in the U.S. for the Company. Employees must comply with the United States Citizenship and Immigration Services employment verification requirements, and, therefore, they must complete an Employment Eligibility Verification Form I-9 at the start of employment and re-verify authorization to work periodically.

Separate from this I-9 process, this position entails access to certain technology and technical data that is restricted under U.S. export control laws and regulations. Employment or continued employment may be conditioned on your legal authorization to work with or have access to export control materials as necessary to perform your job.

Candidate Rights & Accommodations

If you require a reasonable accommodation to complete the application or participate in the interview process, please contact View email address on click.appcast.io. Requests will be handled in accordance with applicable laws. Please do not include medical or other confidential information in your initial request.

For more information about your rights, please refer to the "Know Your Rights" notice here.


E-Verify

Stoke Space uses E-Verify to confirm the identity and employment eligibility of all new hires.