<div class="content-intro">Turning Space into a Transportation Layer for Earth</div><h3>Who We Are:</h3> Inversion builds advanced reentry systems to deliver next-generation capabilities from space.   Our mission is to make Earth radically more accessible by turning Low-Earth Orbit into an on-demand logistics domain. We see space not as a destination, but as a platform — one that unlocks unprecedented speed and global reach.   Our spacecraft are designed to deliver payloads anywhere on Earth in under an hour, operating through extreme reentry conditions and landing with high precision. These systems open the door to new ways of testing, delivering, and operating at hypersonic speeds.   Inherently dual-use, our technology is built to meet urgent national security needs while laying the groundwork for future commercial applications. Backed by leading investors including Y Combinator, Spark Capital, and Lockheed Martin Ventures, and working with partners such as the U.S. Space Force and NASA, Inversion is pushing the boundaries of what’s possible in space-based defense and logistics. What You’ll Do:  The Network / Domain Administrator & Security Operations (SOC) role is responsible for secure administration of network infrastructure, identity systems, and continuous monitoring of security events across corporate and enclave environments. This role enforces access control, network security, logging, and incident detection/response in alignment with NIST SP 800-171, CMMC Level 2, and DFARS requirements.  This position serves as a primary operator for security monitoring (SOC functions) and ensures visibility, detection, and response capabilities across all systems handling CUI.  Access Control & Identity Management (AC / IA)  <ul> <li>Administer identity systems (Microsoft Entra ID, Active Directory, GCCH tenants)  </li> <li>Enforce MFA, conditional access, and least privilege principles  </li> <li>Manage privileged accounts and implement separation of duties  </li> <li>Conduct periodic access reviews and account audits  </li> </ul> Network Security & Boundary Protection (SC / AC)  <ul> <li>Configure and manage network infrastructure:  </li> <li>Firewalls, routers, VLANs, ACLs  </li> <li>Enforce segmentation between:  </li> <li>Corporate network  </li> <li>CUI enclave (CTMD)  </li> <li>External/public access  </li> <li>Manage DNS, DHCP, and IP address management  </li> <li>Monitor and control inbound/outbound network traffic   </li> </ul> Audit & Accountability / Logging (AU)  <ul> <li>Ensure centralized logging across systems:  </li> <li>SEIM and 3rd Party SOC </li> <li>Maintain log retention in accordance with policy  </li> <li>Validate log integrity and availability for audit purposes  </li> <li>Generate audit reports and provide evidence for compliance reviews  </li> </ul> Continuous Monitoring & SOC Operations (SI / IR / CA)  <ul> <li>Monitor security alerts, events, and anomalies across all environments  </li> <li>Perform triage, investigation, and escalation of security events  </li> <li>Correlate logs across endpoints, network, and applications  </li> <li>Maintain alert tuning and detection rules  </li> <li>Support continuous monitoring strategy required by CMMC   </li> </ul> Incident Response (IR)  <ul> <li>Lead or support incident detection, containment, eradication, and recovery  </li> <li>Document incidents and maintain incident response records  </li> <li>Coordinate with IT, application, and management teams during incidents  </li> <li>Ensure proper evidence handling and chain of custody  </li> </ul> Configuration & Change Management (CM)  <ul> <li>Maintain secure baseline configurations for:  </li> <li>Network devices  </li> <li>Identity systems  </li> <li>Review and approve network and security-related changes  </li> <li>Ensure all changes are documented and auditable  </li> </ul> Risk Management & Vulnerability Management (RA / SI)  <ul> <li>Perform vulnerability scanning and remediation coordination  </li> <li>Identify risks related to network and identity systems  </li> <li>Track and remediate findings (POA&M support)  </li> </ul> System & Communications Protection (SC)  <ul> <li>Enforce encryption and secure protocols across network communications  </li> <li>Validate secure configurations for remote access and VPNs  </li> <li>Ensure secure integration with enclave systems and cloud environments  </li> </ul> Operational Responsibilities  <ul> <li>Manage:  </li> <li>Network infrastructure (switches, routers, firewalls, VLANs)  </li> <li>Identity platforms (Entra ID, AD, GCCH identity)  </li> <li>Monitoring and SIEM platforms and working with 3rd party SOC  </li> <li>Maintain network diagrams and documentation (e.g., NetBox)  </li> <li>Support secure connectivity between corporate, enclave, and cloud environments  </li> <li>Assist with compliance audits and security assessments  </li> <li>Participate in on-call rotation for incident response  </li> </ul> Required Qualifications  <ul> <li>5–9+ years of experience in network administration and/or security operations  </li> <li>Strong knowledge of:  </li> <li>Networking (TCP/IP, VLANs, routing, firewalls)  </li> <li>Identity and access management (AD, Entra ID)  </li> <li>Experience with SIEM and monitoring tools  </li> <li>Understanding of security principles and incident response  </li> </ul> Preferred Qualifications  <ul> <li>Experience in regulated environments (CMMC, NIST 800-171, GovCloud, GCCH)  </li> <li>Certifications such as:  </li> <li>Security+, CySA+, CISSP (or equivalent)  </li> </ul> Audit-Relevant Expectations  <ul> <li>Continuous monitoring must be active, documented, and reviewable  </li> <li>Logs must be centralized, retained, and protected from tampering  </li> <li>Network segmentation and access controls must be enforced and verifiable  </li> <li>All privileged activity must be controlled, logged, and auditable  </li> <li>Incident response must be documented and repeatable  </li> <li>Full alignment with SSP-defined controls and CUI boundary enforcement   </li> </ul> Our office headquarters is located in Playa Vista, CA. This position requires in office presence.   The California annual base salary for this role is currently $110,000 - $140,000.  Pay Grades are determined by role, level, location, and alignment with market data.  Individual pay will be determined on a case-by-case basis and may vary based on the following considerations: interviews and an assessment of several factors that are unique to each candidate, job-related skills, relevant education and experience, certifications, abilities of the candidate and internal equity. <div class="content-conclusion"><div style="text-align: left;">ITAR Compliance:</div> <div style="text-align: left;">To conform to U.S. Government space technology export regulations, including the International Traffic in Arms Regulations (ITAR) you must be a U.S. citizen, lawful permanent resident of the U.S., protected individual as defined by 8 U.S.C. 1324b(a)(3), or eligible to obtain the required authorizations from the U.S. Department of State. Learn more about the ITAR <a href="https://www.pmddtc.state.gov/?id=ddtc_kb_article_page&sys_id=24d528fddbfc930044f9ff621f961987">here</a>.  </div> <div> </div> <div>Equal Employment Opportunity:</div> <div>Inversion provides equal employment opportunities to all employees and applicants without regard to race, color, religion, age, sex, gender identity, sexual orientation, national origin, veteran status, or disability.  </div> <div> </div> <div>Inversion collects and processes personal data in accordance with applicable data protection laws.  If you are a US Job Applicant see the <a href="https://oag.ca.gov/privacy/ccpa" target="_blank">CCPA Privacy Policy Notice</a> for further details.</div></div>

Senior Network / Domain Administrator & Security Operations (SOC)

Job Description

About Inversion Space

More Jobs at Inversion Space

Want AI-powered job matching?

More Jobs at Inversion Space