Software Cyber Security

We are seeking a highly skilled and experienced Principal Software Cyber Security Engineer I to implement cybersecurity assurance, including anti-tamper and embedded cybersecurity frameworks, for product lines with Department of Defense (DoD) applications.

As a cybersecurity engineer, you'll help tackle a diverse set of challenging technical and engineering activities in a collaborative, Agile environment, leveraging technical and interpersonal skills in a structured team framework. The position involves aiding testing efforts and related activities across multiple platforms and technologies- like embedded hardware, phased-array systems, space payloads, and radio frequency solutions, using advanced techniques and methodologies.

JOB DUTIES AND RESPONSIBILITIES

• Design and deploy anti-tamper and embedded cybersecurity frameworks for DoD-focused product lines.
• Lead software analysis, code analysis, requirements analysis, software review, and interface design to ensure secure systems.
• Design, code, and debug applications in C/C++, Python, and Shell Scripting, with a focus on secure software development.
• Manage Linux distributions using Yocto Project for embedded systems and ensure robust Linux administration.
• Work in a cross-functional engineering team environment, leveraging Agile methodologies and tools like Jira, Confluence, Docker, and GitLab.

JOB REQUIREMENTS AND MINIMUM QUALIFICATIONS

• Bachelor s or higher degree in Computer Science, Software Engineering, or a Cyber Security related field.
• 9 years in software development or cybersecurity, with 5+ years in application security or system hardening in a senior role.
• Expertise in software analysis, code analysis, requirements analysis, software review, and interface design.
• Proficiency in designing, coding, and debugging applications in C/C++, Python, and Shell Scripting.
• Strong knowledge of Linux administration and creating Linux distributions using Yocto Project for embedded systems.
• Experience with Jira, Confluence, Docker, and GitLab.
• Must possess (or obtain within six months of employment start date) a DoD 8570.01-M certification (e.g., Security+, CISSP).

PREFERRED EXPERIENCE

• Knowledge of embedded systems to conduct research and evaluate potential vulnerabilities.
• Experience integrating static analysis tools and evaluating CWE criticality findings in software solutions based on mission requirements.
• Solid understanding and hands-on experience with DISA Security Technical Implementation Guides (STIGs).
• Strong understanding of NIST SP 800-160, System Security Engineering (SSE) principles, NIST SP 800-37 (Risk Management Framework), and NIST SP 800-53 (Security Controls).
• Capacity to mentor and assist other Quality Assurance team members in adopting best practices.