Demo
Salary Resume Critique Job Openings

Security Engineer - Governance, Risk & Compliance

Nominal, Inc
New York, NY Full Time
POSTED ON 1/19/2025
AVAILABLE BEFORE 4/18/2025

About Nominal

Maximise your chances of a successful application to this job by ensuring your CV and skills are a good match.

Nominal is a venture-backed company with offices in Los Angeles, Austin, and New York City. We’re focused on building software and data solutions for organizations that test and validate complex systems—think drones, rocket engines, satellites, and nuclear reactors. Supported by leading investors like General Catalyst, Founders Fund, Lux Capital, and more, we’re gaining strong traction in the commercial and government aerospace and defense industrial base, including working directly with the Department of Defense.

Our team includes engineers and operators from SpaceX, Palantir, Anduril, Lockheed Martin, and NASA, all working toward a common goal : making it faster and easier for hardware engineers to push the boundaries of advanced technology safely and efficiently. Our platform helps engineering teams accelerate test data review and analysis, scaling testing campaigns to save time and cut costs.

Nominal’s customers operate in some of the most sensitive data environments in the country. The Nominal platform was built to protect the sensitivity of this data and prioritizes its security above all else. Additionally, our internal systems must meet a commensurate standard of security.

As the first fully dedicated technical hire focused on secure deployments, information technology (IT), and information security to join the team, you’ll be responsible for shaping and developing our long-term posture on these topics to meet the high bar described above.

This includes hardening Nominal’s software platform (both security and availability / reliability), deploying into secure environments, assisting with incident response, managing Nominal’s network, ensuring endpoint security, establishing baseline device configuration, guaranteeing technical compliance with information security standards, and more.

About the role

  • Own the Posture : Technical excellence in product hardening and information security is table-stakes for Nominal’s success due to our product and industry. You would need to internalize this and fully own it in a first-class way. Set Nominal up for success in serving large DoD and enterprise customers in a secure manner.
  • Plan & Execute : Translate compliance requirements (e.g., NIST 800-53, NIST 800-171, CMMC) into technical actions and policies to meet a stringent standard of government- and enterprise-defined information security. Oversee the RMF lifecycle management. Apply technology standards to classified, air-gapped environments.
  • Manage the Network : Oversee network design, configuration, and administration. Handle endpoint device management across Nominal’s locations and assets. Includes VPNs or firewalls, SSIDs, malware / antivirus software, system configurations, software allowlisting / blocklisting, etc. to guarantee secure IT systems.
  • Coach Our Team : Create and deliver approachable, relevant trainings to ensure all employees are equipped to maintain high technical standards of information security and compliance. Provide guidance regarding procurement or download of secure, vetted third-party software, applications, and libraries.
  • Communicate the Standard : Prepare communications for government partners, auditors, and customers that satisfactorily explain Nominal’s technical security posture, both for our software platform and IT systems / endpoints, as well as inspire confidence in our secure product and business practices.

We're looking for someone with

  • 4 years of experience in topics such as DevSecOps and infrastructure, Risk Management Framework (RMF), information technology (IT), information security, cybersecurity, incident management, and root cause analysis.
  • Knowledge of modern software development techniques and processes and their security (CI pipelines, microservice architectures, cloud and container-based deployments).
  • Experience with systems administration, including network setup (VPN, SSIDs, firewalls), endpoint device protection, attack monitoring & logging (EDR & SIEM), software allowlisting / blocklisting, encryption & secure protocols, and more.
  • Experience working with the DoD and extensive knowledge of federal contracting and data requirements, including ATO, NIST 800-171, CMMC, IL4 / 5, FedRAMP, NISPOM, RMF, etc.
  • Familiarity with a variety of deployment styles, including cloud, on-prem, air-gapped, and hybrid.
  • Organization, attention to detail, and strong writing skills to build out associated documentation that would stand up to questioning and scrutiny by customers, government officials, and auditors.
  • Process management and relational skills to work with employees from across the organization to ensure ongoing delivery of our security and compliance posture.

    • Preferred qualifications include :

  • CISM / CISSP or equivalent IAM level III certification
  • Bachelor’s degree in Information Systems, Cybersecurity, or related field
  • Experience with AWS / Cloud, Microsoft Azure, Microsoft Government Community Cloud (GCC)

    • Benefits / Perks

  • Medical, dental, and vision insurance with 100% of premiums covered
  • Unlimited PTO / sick leave
  • Free lunch, snacks, and coffee
  • Professional development stipend
  • Quarterly company retreats

    • 120,000 - $160,000 a year The salary range for this role is an estimate based on a wide range of compensation factors, inclusive of base salary only. Actual salary offers may vary based on (but not limited to) work experience, education and / or training, critical skills, and / or business considerations. Highly competitive equity grants are included in all offers and are considered part of Nominal’s total compensation package.

    Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, or national origin.

    J-18808-Ljbffr

    Salary : $120,000 - $160,000

    If your compensation planning software is too rigid to deploy winning incentive strategies, it’s time to find an adaptable solution. Compensation Planning
    Enhance your organization's compensation strategy with salary data sets that HR and team managers can use to pay your staff right. Surveys & Data Sets

    What is the career path for a Security Engineer - Governance, Risk & Compliance?

    Sign up to receive alerts about other jobs on the Security Engineer - Governance, Risk & Compliance career path by checking the boxes next to the positions that interest you.
    Income Estimation: 
    $105,259 - $133,442
    Income Estimation: 
    $129,191 - $164,117
    Income Estimation: 
    $87,093 - $107,335
    Income Estimation: 
    $111,725 - $147,313
    Income Estimation: 
    $112,673 - $137,290
    Income Estimation: 
    $140,233 - $181,029
    Income Estimation: 
    $161,209 - $233,553
    Income Estimation: 
    $112,673 - $137,290
    Income Estimation: 
    $139,945 - $168,577
    Income Estimation: 
    $140,233 - $181,029
    Income Estimation: 
    $161,209 - $233,553
    Income Estimation: 
    $139,945 - $168,577
    Income Estimation: 
    $164,835 - $201,088
    Income Estimation: 
    $135,994 - $168,063
    Income Estimation: 
    $161,209 - $233,553
    Income Estimation: 
    $65,440 - $83,454
    Income Estimation: 
    $102,189 - $143,024
    Employees: Get a Salary Increase
    View Core, Job Family, and Industry Job Skills and Competency Data for more than 15,000 Job Titles Skills Library

    Job openings at Nominal, Inc

    Software Engineer
    Nominal, Inc
    Hired Organization Address Austin, TX Full Time
    About Nominal Nominal is a venture-backed company with offices in Los Angeles, Austin, and New York City. We’re focused ...
    Software Engineer - Frontend
    Nominal, Inc
    Hired Organization Address Los Angeles, CA Full Time
    Los Angeles, CA / Austin, TX / New York, NYEngineering / Full-time / On-siteAbout NominalNominal is a venture-backed com...
    Mission Operations Engineer
    Nominal, Inc
    Hired Organization Address Los Angeles, CA Full Time
    About Nominal Nominal is a venture-backed company with offices in Los Angeles, Austin, and New York City. We’re focused ...
    Deployment Systems Engineer
    Nominal, Inc
    Hired Organization Address Los Angeles, CA Full Time
    New York, NY / Austin, TX / Los Angeles, CAEngineering / Full-time / On-siteAbout NominalNominal is a venture-backed com...
    View More Jobs at Nominal, Inc

    Not the job you're looking for? Here are some other Security Engineer - Governance, Risk & Compliance jobs in the New York, NY area that may be a better fit.

    Senior Governance, Risk & Compliance Analyst

    CoreWeave, Brooklyn, NY

    Governance, Risk, and Compliance (GRC) Analyst

    Blooming Health, New York, NY

    View More Jobs

    AI Assistant is available now!

    Feel free to start your new journey!