Principal Cloud Security Engineer

ABOUT ROCKET LAB

Rocket Lab is an end-to-end space company delivering responsive launch services, complete spacecraft design and manufacturing, payloads, satellite components, and more - all with the goal of opening access space. The rockets and satellites we build, and launch enable some of the most ambitious and vital space missions globally, supporting scientific exploration, Earth observation and missions to combat climate change, national security, and exciting new technology demonstrations.

Our Electron rockethas become the second most frequently launched U.S. rocket annually and has delivered more than 230 satellites to orbit, all while we work to develop Neutron, our upcoming medium-lift, reusable launch vehicle for larger constellation deployment. Our Space Systems business designs and builds our extensive line of satellites, payloads, and their components, including spacecraft that have been selected to support NASA missions to the Moon and Mars and components used on the James Webb Space Telescope.

Rocket Lab's IT team is responsible for how our global teams access information and run operations across our computer systems, networks, and devices. Our hardworking IT team is a group of flexible problem-solvers working in a fast-paced environment but who also thrive under the challenge of supporting all of our proprietary systems and people, from finance to launch operations.

Based onsite at Rocket Lab's office in Long Beach, CA the Senior Cloud Security Engineer must demonstrate a firm grasp of cloud-first, automated, API-driven security and statistical risk concepts and communication. They will work on securing all facets of Rocket Lab's cloud presence: the wide array of vendor services, code pipelines deploying into prod and non-prod environments, and automation performing an assortment of business-critical operations.

They will provide analyses including quantifiable statistical information regarding IT and Cybersecurity risk to business partners with fiduciary responsibility. They will support the IT organization to develop a secure, reliable, and fiercely efficient platform to empower the Rocket Lab's objectives as a rapidly growing multinational space company.

• Design, implement, and maintain security controls for hybrid cloud-based environments, including infrastructure as a service (IaaS), platform as a service (PaaS), software as a service (SaaS), and function as a service (FaaS) solutions.
• Design and develop custom automation in pursuit of cyber team objectives.
• Provide security support for internal and external design reviews related to security.
• Conduct security assessments and risk analyses to identify vulnerabilities and develop mitigation strategies for automated infrastructure such as public cloud, CI/CD pipelines, and agentic systems.
• Work with Infrastructure Operations to Implement and manage identity and access management (IAM) solutions to control access to cloud resources and applications.
• Develop documentation, plans, and proofs of concept for cybersecurity-related platform improvements.
• Configure and monitor cloud security tools and services.
• Collaborate with development teams to integrate security best practices into the software development lifecycle (SDLC), Dev Ops, and MLOps processes.
• Maintain systems to help the team stay up-to-date on emerging threats, vulnerabilities, and industry best practices related to Dev Sec Ops /MLOps and recommend proactive measures to enhance security posture.
• Provide guidance and support to internal teams on security-related matters, including incident response, compliance, and security awareness training.
• Participate in regular security audits, assessments, and compliance reviews to ensure adherence to regulatory requirements and industry standards.

• Education and Experience in IT and Cybersecurity
  • 12+ years of experience in scripting languages (e.g., Bash, Power Shell, Python) and configuration management/infrastructure as code tools (e.g., Puppet, Ansible, Terraform).
  • Bachelor's degree or equivalent years of work experience (16+ years of total work experience)
• Cloud Security and Architecture Expertise
  • Proven experience in cloud security architecture, design, and implementation across major cloud platforms (AWS, Azure, Google Cloud).
  • Hands-on experience with cloud security tools and services (e.g., AWS Security Hub, Azure Security Center, Google Cloud Security Command Center).
• Compliance, Vulnerability Management, and IT Governance
  • Experience working under US Government compliance regimes (e.g., CMMC, NIST, DISA STIG) and ITIL/Change Review systems.
  • Proficiency in vulnerability management systems (e.g., Tenable, Bringa) and CLI scanning tools (e.g., Trivy, OpenSCAP).
• Version Control, Networking, and Secure Communication
  • Extensive experience with git-driven version control systems (e.g., Git Hub, Git Lab, Bitbucket).
  • Strong understanding of networking concepts, encryption…