Senior Staff Technology Controls Architecture & Assurance Lead (Aerospace)

TL;DR

Senior Staff Technology Controls Architecture & Assurance Lead (Aerospace): Leading the development and governance of information security policies, internal controls, and risk management frameworks with an accent on regulatory compliance (NIST, CMMC, SOX) and aircraft certification security. Focus on building quantitative risk models, managing complex audit lifecycles, and translating technical risk data into actionable insights for executive leadership.

Location: Must be based in San Jose, California, United States

Salary: $207,400 - $259,200

Company

hirify.global is an aerospace company building all-electric vertical takeoff and landing aircraft to advance sustainable air mobility.

What you will do

• Lead the lifecycle governance of information security policies and control frameworks aligned with NIST and CMMC standards.
• Manage the enterprise issue management process, including severity thresholds, SLA frameworks, and executive reporting.
• Design and execute internal Control Self-Assessment (CSA) programs to ensure ongoing control effectiveness.
• Serve as the primary liaison for internal and external audits, including CMMC and SOX ITGC compliance assessments.
• Develop and maintain Key Risk Indicators (KRIs) using quantitative analysis and AI-assisted tooling.
• Partner with engineering and certification teams to align security controls with FAA aircraft systems requirements.

Requirements

• U.S. citizenship is required to obtain a DoD Secret security clearance.
• 8+ years in information security with at least 4 years in GRC, compliance, or audit-focused roles.
• Deep knowledge of NIST SP 800-171, CMMC Level 2, DFARS, and ITAR.
• Proven experience managing SOX ITGC programs in a public or pre-IPO environment.
• Ability to build quantitative risk models and communicate complex findings to executive stakeholders.
• No work visa sponsorship available for this position.

Nice to have

• Active DoD Secret or Top Secret/SCI clearance.
• Certifications: CISSP, CISM, CRISC, CISA, or CMMC Registered Practitioner.
• Familiarity with FAA ASISP requirements and RTCA DO-326A/DO-356A standards.
• Experience with FAIR methodology and AI/ML techniques for GRC data analysis.

Culture & Benefits

• Commitment to an equitable and inclusive workplace that celebrates diversity.
• Pay-for-performance culture focused on rewarding strategic business contributions.
• Opportunity to work on consequential security challenges in the urban air mobility sector.
• Support for reasonable accommodations for applicants with disabilities.