Overview
On Site
Depends on Experience
Full Time
Skills
Cisco VPN
Wireshark
Threat Analysis
Regulatory Compliance
RRAS
Network Security
OpenVPN
Vulnerability Management
OpenSSL
PKI
Microsoft Windows
Lifecycle Management
Job Details
Position: Infrastructure Security Consultant
Location: Dallas, TX
Full Time
Note: Only Local's
RESPONSIBILITIES
Secure aircraft and ground systems by implementing and maintaining the ANSP, including PKI, VPN, and zero-trust solutions.
Manage and maintain server infrastructure (Windows and Linux) supporting cybersecurity systems.
Configure and manage network devices, including firewalls, VPN gateways, and intrusion detection systems.
Manage cryptographic keys and digital certificates, ensuring compliance with industry standards.
Respond to and manage security incidents, including forensic analysis and remediation.
Collaborate with stakeholders to ensure secure and efficient operations.
Stay updated on the latest developments in aircraft IT and network security.
Support the development of security training programs.
Monitor aviation systems for suspicious activities and analyze logs to identify threats.
Perform risk assessments and ensure compliance with aviation-specific cybersecurity frameworks.
Collect and analyze threat intelligence data, staying informed about emerging threats.
Secure cloud environments for security log analysis and reporting. Includes designing the secure cloud architecture, configuring security groups, implementing IAM policies, ensuring data encryption (at rest and in transit).
Conduct comprehensive security posture assessments of our ANSP ground systems.
SKILLS
Deep Cybersecurity Expertise: Requires 5-8 years of progressive cybersecurity engineering experience with deep understanding of network, systems (including Windows and Linux server administration), cloud, and PKI security principles and technologies.
Hands-on Technical Skills: Proficiency in managing firewalls, VPNs, IDPS, ZTNA, EDR, vulnerability scanning, configuration management tools, and CSPM solutions. Also includes demonstrated experience in Windows and Linux server configuration, hardening, maintenance, and security patching.
Cloud & PKI Focus: Expertise in cloud security (AWS or Azure) and extensive experience with PKI infrastructure, certificate lifecycle management, and key management are essential.
Secure Architecture & Vulnerability Management: Ability to design secure network architectures and conduct security assessments to identify and mitigate vulnerabilities, including system-level vulnerabilities on Windows and Linux servers.
Aviation Security Contribution: Will contribute to critical FAA aircraft network security program duties, including securing communication between aircraft and ground systems, collaborating with OEMs, and ensuring the security and integrity of underlying Windows and Linux server infrastructure.
Secure aircraft and ground systems by implementing and maintaining the ANSP, including PKI, VPN, and zero-trust solutions.
Manage and maintain server infrastructure (Windows and Linux) supporting cybersecurity systems.
Configure and manage network devices, including firewalls, VPN gateways, and intrusion detection systems.
Manage cryptographic keys and digital certificates, ensuring compliance with industry standards.
Respond to and manage security incidents, including forensic analysis and remediation.
Collaborate with stakeholders to ensure secure and efficient operations.
Stay updated on the latest developments in aircraft IT and network security.
Support the development of security training programs.
Monitor aviation systems for suspicious activities and analyze logs to identify threats.
Perform risk assessments and ensure compliance with aviation-specific cybersecurity frameworks.
Collect and analyze threat intelligence data, staying informed about emerging threats.
Secure cloud environments for security log analysis and reporting. Includes designing the secure cloud architecture, configuring security groups, implementing IAM policies, ensuring data encryption (at rest and in transit).
Conduct comprehensive security posture assessments of our ANSP ground systems.
SKILLS
Deep Cybersecurity Expertise: Requires 5-8 years of progressive cybersecurity engineering experience with deep understanding of network, systems (including Windows and Linux server administration), cloud, and PKI security principles and technologies.
Hands-on Technical Skills: Proficiency in managing firewalls, VPNs, IDPS, ZTNA, EDR, vulnerability scanning, configuration management tools, and CSPM solutions. Also includes demonstrated experience in Windows and Linux server configuration, hardening, maintenance, and security patching.
Cloud & PKI Focus: Expertise in cloud security (AWS or Azure) and extensive experience with PKI infrastructure, certificate lifecycle management, and key management are essential.
Secure Architecture & Vulnerability Management: Ability to design secure network architectures and conduct security assessments to identify and mitigate vulnerabilities, including system-level vulnerabilities on Windows and Linux servers.
Aviation Security Contribution: Will contribute to critical FAA aircraft network security program duties, including securing communication between aircraft and ground systems, collaborating with OEMs, and ensuring the security and integrity of underlying Windows and Linux server infrastructure.
TOOLS AND TECHNOLOGIES Network Security
Enterprise-grade Firewalls: (e.g., Cisco Firepower, Palo Alto Networks, Fortinet)
VPN & ZTNA Technologies: (e.g., RRAS, Tempered Airwall, Cisco AnyConnect, Zscaler, OpenVPN)
Intrusion Detection/Prevention Systems (IDPS): (e.g., Snort, Suricata, Zeek)
Monitoring Tools: (e.g., Wireshark)
Experience with multiple vendors within these categories is beneficial.
System Security (Server & Endpoint)
Windows & Linux Server Security: Configuration, Hardening, Patching, Microsoft Active Directory and Group Policy
Endpoint Detection and Response (EDR): (e.g., CrowdStrike Falcon, Microsoft Defender for Endpoint)
Vulnerability Scanning: (e.g., Tenable Nessus, Tanium Comply)
Configuration Management (for Security Automation): (e.g., Ansible, Puppet, Chef)
Cloud Security (AWS or Azure Focus)
Cloud Security Posture Management (CSPM): (e.g., AWS Security Hub, Azure Security Center)
Cloud IAM & Access Control (AWS IAM, Azure AD)
Cloud Security Services: (AWS & Azure native security offerings)
Public Key Infrastructure (PKI)
Certificate Authorities (CA): (e.g., Microsoft AD CS, OpenSSL)
Key Management Systems (KMS): (e.g., Hardware HSMs, AWS KMS, Azure Key Vault, HashiCorp Vault)
Enterprise-grade Firewalls: (e.g., Cisco Firepower, Palo Alto Networks, Fortinet)
VPN & ZTNA Technologies: (e.g., RRAS, Tempered Airwall, Cisco AnyConnect, Zscaler, OpenVPN)
Intrusion Detection/Prevention Systems (IDPS): (e.g., Snort, Suricata, Zeek)
Monitoring Tools: (e.g., Wireshark)
Experience with multiple vendors within these categories is beneficial.
System Security (Server & Endpoint)
Windows & Linux Server Security: Configuration, Hardening, Patching, Microsoft Active Directory and Group Policy
Endpoint Detection and Response (EDR): (e.g., CrowdStrike Falcon, Microsoft Defender for Endpoint)
Vulnerability Scanning: (e.g., Tenable Nessus, Tanium Comply)
Configuration Management (for Security Automation): (e.g., Ansible, Puppet, Chef)
Cloud Security (AWS or Azure Focus)
Cloud Security Posture Management (CSPM): (e.g., AWS Security Hub, Azure Security Center)
Cloud IAM & Access Control (AWS IAM, Azure AD)
Cloud Security Services: (AWS & Azure native security offerings)
Public Key Infrastructure (PKI)
Certificate Authorities (CA): (e.g., Microsoft AD CS, OpenSSL)
Key Management Systems (KMS): (e.g., Hardware HSMs, AWS KMS, Azure Key Vault, HashiCorp Vault)
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.