Senior Network / Domain Administrator & Security Operations (SOC)

Turning Space into a Transportation Layer for Earth Who We Are: Inversion builds advanced reentry systems to deliver next-generation capabilities from space.   Our mission is to make Earth radically more accessible by turning Low-Earth Orbit into an on-demand logistics domain. We see space not as a destination, but as a platform — one that unlocks unprecedented speed and global reach.   Our spacecraft are designed to deliver payloads anywhere on Earth in under an hour, operating through extreme reentry conditions and landing with high precision. These systems open the door to new ways of testing, delivering, and operating at hypersonic speeds.   Inherently dual-use, our technology is built to meet urgent national security needs while laying the groundwork for future commercial applications. Backed by leading investors including Y Combinator, Spark Capital, and Lockheed Martin Ventures, and working with partners such as the U.S. Space Force and NASA, Inversion is pushing the boundaries of what’s possible in space-based defense and logistics. What You’ll Do:  The Network / Domain Administrator & Security Operations (SOC) role is responsible for secure administration of network infrastructure, identity systems, and continuous monitoring of security events across corporate and enclave environments. This role enforces access control, network security, logging, and incident detection/response in alignment with NIST SP 800-171, CMMC Level 2, and DFARS requirements.  This position serves as a primary operator for security monitoring (SOC functions) and ensures visibility, detection, and response capabilities across all systems handling CUI.  Access Control & Identity Management (AC / IA)  Administer identity systems (Microsoft Entra ID, Active Directory, GCCH tenants)   Enforce MFA, conditional access, and least privilege principles   Manage privileged accounts and implement separation of duties   Conduct periodic access reviews and account audits   Network Security & Boundary Protection (SC / AC)  Configure and manage network infrastructure:   Firewalls, routers, VLANs, ACLs   Enforce segmentation between:   Corporate network   CUI enclave (CTMD)   External/public access   Manage DNS, DHCP, and IP address management   Monitor and control inbound/outbound network traffic    Audit & Accountability / Logging (AU)  Ensure centralized logging across systems:   SEIM and 3rd Party SOC  Maintain log retention in accordance with policy   Validate log integrity and availability for audit purposes   Generate audit reports and provide evidence for compliance reviews   Continuous Monitoring & SOC Operations (SI / IR / CA)  Monitor security alerts, events, and anomalies across all environments   Perform triage, investigation, and escalation of security events   Correlate logs across endpoints, network, and applications   Maintain alert tuning and detection rules   Support continuous monitoring strategy required by CMMC    Incident Response (IR)  Lead or support incident detection, containment, eradication, and recovery   Document incidents and maintain incident response records   Coordinate with IT, application, and management teams during incidents   Ensure proper evidence handling and chain of custody   Configuration & Change Management (CM)  Maintain secure baseline configurations for:   Network devices   Identity systems   Review and approve network and security-related changes   Ensure all changes are documented and auditable   Risk Management & Vulnerability Management (RA / SI)  Perform vulnerability scanning and remediation coordination   Identify risks related to network and identity systems   Track and remediate findings (POA&M support)   System & Communications Protection (SC)  Enforce encryption and secure protocols across network communications   Validate secure configurations for remote access and VPNs   Ensure secure integration with enclave systems and cloud environments   Operational Responsibilities  Manage:   Network infrastructure (switches, routers, firewalls, VLANs)   Identity platforms (Entra ID, AD, GCCH identity)   Monitoring and SIEM platforms and working with 3rd party SOC   Maintain network diagrams and documentation (e.g., NetBox)   Support secure connectivity between corporate, enclave, and cloud environments   Assist with compliance audits and security assessments   Participate in on-call rotation for incident response   Required Qualifications  5–9+ years of experience in network administration and/or security operations   Strong knowledge of:   Networking (TCP/IP, VLANs, routing, firewalls)   Identity and access management (AD, Entra ID)   Experience with SIEM and monitoring tools   Understanding of security principles and incident response   Preferred Qualifications  Experience in regulated environments (CMMC, NIST 800-171, GovCloud, GCCH)   Certifications such as:   Security+, CySA+, CISSP (or equivalent)   Audit-Relevant Expectations  Continuous monitoring must be active, documented, and reviewable   Logs must be centralized, retained, and protected from tampering   Network segmentation and access controls must be enforced and verifiable   All privileged activity must be controlled, logged, and auditable   Incident response must be documented and repeatable   Full alignment with SSP-defined controls and CUI boundary enforcement    Our office headquarters is located in Playa Vista, CA. This position requires in office presence.   The California annual base salary for this role is currently $110,000 - $140,000.  Pay Grades are determined by role, level, location, and alignment with market data.  Individual pay will be determined on a case-by-case basis and may vary based on the following considerations: interviews and an assessment of several factors that are unique to each candidate, job-related skills, relevant education and experience, certifications, abilities of the candidate and internal equity.  ITAR Compliance: To conform to U.S. Government space technology export regulations, including the International Traffic in Arms Regulations (ITAR) you must be a U.S. citizen, lawful permanent resident of the U.S., protected individual as defined by 8 U.S.C. 1324b(a)(3), or eligible to obtain the required authorizations from the U.S. Department of State. Learn more about the ITAR https://www.pmddtc.state.gov/?id=ddtc_kb_article_page&sys_id=24d528fddbfc930044f9ff621f961987.     Equal Employment Opportunity: Inversion provides equal employment opportunities to all employees and applicants without regard to race, color, religion, age, sex, gender identity, sexual orientation, national origin, veteran status, or disability.     Inversion collects and processes personal data in accordance with applicable data protection laws.  If you are a US Job Applicant see the https://oag.ca.gov/privacy/ccpa for further details. Offices: Playa Vista, California, United States (Playa Vista (HQ));