[Hiring] Cybersecurity Operations Engineer @Lanteris Space Systems

Role Description

Intuitive Machines is seeking an experienced Cybersecurity Operations Engineer to serve as the operational bridge between our organization and our Managed Security Services Provider (MSSP). This position will play a pivotal role in ensuring the effective deployment and maintenance of our security tools and services and supporting incident response across our organization. The ideal candidate will be responsible for hands-on security operations, endpoint protection management, security tool administration, and incident response. This role can be based in Palo Alto, CA, Houston, TX or also remotely in the US.

Key Responsibilities

• SOC Coordination & Incident Management
  • Act as liaison with our Managed Security Service Provider (MSSP), reviewing Tier 1/2 alert summaries, validating findings with organizational context, and facilitating escalations for hands-on resolution.
  • Conduct real-time troubleshooting, log analysis, endpoint forensics, and containment actions on internal systems using tools like MS Defender, Wiz, and Tenable.
  • Participate in incident response activities, ensuring timely communication with stakeholders and proper documentation of security events.
  • Coordinate incident response activities across cross-functional teams, ensuring timely containment, eradication, and recovery actions align with organizational priorities and compliance requirements.
• Endpoint Security & Tool Administration
  • Support our endpoint security solutions, including EDR (Endpoint Detection & Response) solutions across the enterprise.
  • Monitor endpoint compliance, investigate agent health issues, and coordinate remediation with IT teams.
  • Maintain operational access to security tools for investigation and response purposes (not responsible for development, architecture, or tuning of SOC tools).
  • Perform regular health checks, updates, and optimization of security agents to ensure maximum coverage and performance across all organizational assets.
  • Develop and maintain documentation for security agent configurations, deployment procedures, and troubleshooting workflows to support operational continuity.
• Firewall Audit and Monitoring
  • Monitor and analyze firewall logs for security events and anomalies in coordination with MSSP.
  • Support firewall rule change requests, performing security impact assessments, and documentation.
  • Conduct periodic firewall policy reviews to identify overly permissive rules and ensure alignment with least-privilege principles.
  • Coordinate with network engineering on firewall-related security incidents and configuration changes.
  • Maintain firewall documentation, including rule justifications, change logs, and security baselines.
  • Participate in firewall architecture discussions to ensure security requirements are incorporated.
• Continuous Improvement & Strategic Activities
  • Participate in post-incident reviews and root cause analysis, documenting lessons learned to enhance response playbooks aligned with NIST 800-171/CMMC requirements.
  • Contribute to the refinement of MSSP SLAs, escalation procedures, and operational runbooks.
  • Generate compliance reports, executive briefings, and threat intelligence summaries for leadership and cross-functional teams (IT, Legal, Governance, Program Security).
  • Monitor and report on MSSP performance metrics, contributing to quarterly vendor reviews and integrating findings into risk management workflows.
  • Identify gaps in security coverage and recommend process improvements.
  • Participate in tabletop exercises and security drills to validate response capabilities.
• Collaboration & Knowledge Sharing
  • Integrate security findings into enterprise risk management workflows.
  • Serve as security subject matter expert for internal projects and initiatives.
  • Maintain currency with emerging threats, vulnerabilities, and security technologies relevant to the aerospace/defense sector.

Qualifications

• Must be a US Citizen with the ability to obtain a US Government security clearance.
• Bachelor's Degree in the following area(s): Cybersecurity, Information Technology, Computer Science, or related field; four additional years of experience can be substituted for a degree.
• 8 years of hands-on experience in cybersecurity operations, incident response, or security engineering roles.
• Experience with endpoint protection platforms.
• Experience with cloud security concepts and tools (Wiz, AWS security services, or similar).
• Experience with SIEM platforms, log analysis, and security event correlation.
• Experience with NIST 800-171, CMMC, and DFARS cybersecurity requirements.

Preferred Qualifications

• Professional certifications such as CISSP, GCIH, GCFA, or CEH.
• Experience operating in aerospace, defense, or DoD/CMMC regulated environments.
• Scripting/automation skills (PowerShell, Python) for security operations tasks.
• Strong collaboration skills and ability to work effectively with cross-functional teams during complex security incidents.
• Experience with the M365 Security stack (Defender, Sentinel, MDC, Purview).
• Experience with Tenable One.
• Experience with centralized enterprise logging.
• Experience with network security, including IDS/IPS, firewalls, and security architecture.

Benefits

• Comprehensive package of benefits including paid time off, health and welfare insurance, and 401(k) to eligible employees.
• This position is incentive eligible with a target based on contribution, company performance, and/or individual results achieved; the specific incentive plan and target amount will be determined based on the role and breadth of contributions.