Job description
Worker Type
RegularJob Description
Summary
AV’s Senior Product Cybersecurity Engineer will be responsible for building and maintaining customer trust through unparalleled security, privacy, and assurance of AV products. This person will drive security and assurance governance, identify emerging threats, secure existing products through mitigations, and define and initiate future security innovations for AV products. They will be responsible for identifying and making appropriate risk actions associated with security vulnerabilities affecting AV products.
Position Responsibilities
- Evaluate the technical aspects of security vulnerabilities and shepherd AV product teams through the product cybersecurity process.
- Responsible for applying an interdisciplinary, collaborative approach to plan, design, develop, validate, and verify life-cycle information system security solutions.
- Define PSE tool, process, and mission requirements and institute in company policy and programs.
- Approval authority for missions, including any necessary waivers. Active participant in program development relating to product cybersecurity.
- Embedded Product Security Engineer in necessary programs/projects for Systems, Hardware, and SW to ensure PSE tools, requirements, and processes are implemented in architecture, process, sourcing/component selection, production, and overall product development.
- Working across the company you will leverage your organization abilities, technical acumen, and communication skills to advise product teams on the impact of security vulnerabilities and help them establish the best course of action to remediate the affected AV products.
- Define and lead the transformation of AV product cybersecurity into a world class industry recognized model of excellence and efficiency.
- Able to anticipate critical situations and to proactively plan tactical and strategic response to a product security issue.
- The successful candidates will be responsible for applying an interdisciplinary, collaborative approach to plan, design, develop, validate, and verify lifecycle balanced cybersecurity robustness, global process, and certification for new products being designed and legacy products while preserving their necessary utility and useability.
- Correctly interpret and implement appropriate Accreditation and Authorization activities per DoD RMF, NISPOM, and other government publications for company products as required by customers while maintaining functionality.
- Ability to deploy, configure, and operate cybersecurity tools such as vulnerability scanners, Security Content Automation Protocol (SCAP) Compliance Checker (SCC), Antivirus/Anti Malware applications, and SIEMs.
- Coordinates with hardware, network, production, and software engineers, test and validation engineers, manufacturing, operations, and logistics personnel, and program management on security related activities and requirements.
- Interpret system requirements and provide subject matter expertise to program management and customers.
- Perform security evaluation and testing of company hardware, software, and documentation products, and document findings in reports and briefings.
- Ensure system and interface requirements support cybersecurity needs
- Prepare test cases, test scripts, test plans and procedures, data collection, and lab infrastructure for cybersecurity functions.
- Participate in system and project development, integration activities, and working groups.
- Apply a logical approach in solving challenging problems
- Troubleshoot Android, Linux, Windows, and RTOS based systems as well as networking and/or storage technologies for security related issues.
- Develop patch and security upgrade management solutions for Android, Linux, and MS Windows, and RTOS based systems with centralized and de-centralized management infrastructure.
- Develop centralized and de-centralized infrastructure and processes for managing cybersecurity related software updates.
- Ability to work effectively in situations involving uncertainty or lack of information and respond favorably to change.
- Ability to "think on your feet" and react decisively in an unstructured environment
- Be able to learn and understand new products and technologies quickly.
- Strong oral and written communication skills with demonstrated attention to detail and results orientation.
Basic Qualifications (Required Skills & Experience)
- Possess or be able to obtain DoD Security clearance at Secret level or higher.
- Bachelor of Science degree in an Engineering discipline with a minimum of 8 years of relevant experience or a master’s degree in an Engineering discipline with a minimum of 6 years’ relevant experience in the following:
- Driving processes and systems to support the success of product security projects.
- Demonstrated technical leadership across a matrixed organizational structure to establish plans and deliver high quality results on time.
- Familiarity with ongoing security research against products and infrastructure and ability to apply that knowledge to product security incident response.
- Familiarity with Cybersecurity features, vulnerabilities, and solutions for integrated hardware/software systems with emphasis on Android, Linux, Windows, and RTOS based enterprise and embedded systems.
- Familiarity with RTCA DO-326/ED-202, DO-178, NIST (SP) 800-160, 800-53, FIPS 140-2, DoD RMF, or DoD aviation cybersecurity requirements is ideal.
- 10 years’ work experience in field of product cybersecurity design at board or box level.
- U.S. Citizen
- Travel required
- Work under minimal supervision
Other Qualifications & Desired Competencies
- Practical experience in information security and/or product security preferred.
- Security certifications like ISM, CISSP, GIAC, GCIA, CISM. etc. is desired
- Experience architecting unmanned systems for cybersecurity.
Physical Demands
- Ability to work in an office and manufacturing environment (Constant)
- Required to sit and stand for long periods; talk, hear, and use hands and fingers to operate a computer and telephone keyboard (Frequent)
- Requires frequent travel to support working with suppliers, resolving product issues, participating in system tests, and supporting customers
The salary range for this role is:
$157,080 - $235,620AeroVironment considers several factors when extending an offer, including but not limited to, the location, the role and associated responsibilities, a candidate’s work experience, education/training, and key skills.
ITAR Requirement:
This position requires access to information that is subject to compliance with the International Traffic Arms Regulations (“ITAR”) and/or the Export Administration Regulations (“EAR”). In order to comply with the requirements of the ITAR and/or the EAR, applicants will be asked to provide specific documentation to verify U.S. person status under the ITAR and the EAR. A “U.S. person” according to their definition is a U.S. citizen, U.S. lawful permanent resident (green card holder), or protected individual such as a refugee, or asylee. See 22 CFR § 120.15. Some positions will require current U.S. Citizenship due to contract requirements.
Benefits: AV offers an excellent benefits package including medical, dental vision, 401K with company matching, a 9/80 work schedule and a paid holiday shutdown. For more information about our company benefit offerings please visit:
http://www.avinc.com/myavbenefits
.We also encourage you to review our company website at
http://www.avinc.com
to learn more about us.Principals only need apply. NO agencies please.
Who We Are
Based in California, AeroVironment (AVAV) is a global leader in unmanned aircraft systems (UAS) and tactical missile systems. Founded in 1971 by celebrated physicist and engineer, Dr. Paul MacCready, we’ve been at the leading edge of technical innovation for more than 45 years. Be a part of the team that developed the world’s most widely used military drones and created the first submarine-launched reconnaissance drone, and has seven innovative vehicles that are part of the Smithsonian Institution’s permanent collection in Washington, DC.
Join us today in developing the next generation of small UAS and tactical missile systems that will deliver more actionable intelligence to our customers so they can proceed with certainty – and succeed.
What We Do
Building on a history of technological innovation, AeroVironment designs, develops, produces, and supports an advanced portfolio of unmanned aircraft systems (UAS) and tactical missile systems. Agencies of the U.S. Department of Defense and allied military services use the company’s hand-launched UAS to provide situational awareness to tactical operating units through real-time, airborne reconnaissance, surveillance, and target acquisition.
AeroVironment Incorporated is an equal opportunity employer, M/F/D/V and works in compliance with both federal and state laws. We are committed to the concept regarding Equal Employment opportunity. Qualified candidates will be considered for employment regardless of race, color, religion, age, sex, sexual orientation, gender identity, national origin, marital status, medical condition nor disability, genetics, veteran and all others that may apply.
ITAR
U.S. Citizenship requiredAeroVironment
http://www.avinc.com
Arlington, VA
Wahid Nawabi
$100 to $500 million (USD)
1001 to 5000 Employees
Company - Public
Aerospace & Defense
1971