This Fort Worth-based industry leader has an immediate full-time opportunity for a Principal Embedded Cyber Security Engineer. This position requires working onsite a few days per week in Ft. Worth. Relocation is available. Under the direct supervision and mentorship of members of the Cyber Security Engineering Staff, the Secure System Principal Cyber Engineer undertakes a variety of activities and assigned projects at varying levels of professional complexity requiring knowledge within an area of specialty and/or engineering degree. The Secure System Principal Cyber Engineer works as a member of the Engineering team in support of contracted tasks focusing on the integration of cybersecurity requirements into the full system lifecycle of company products. Will gain experience in developing Risk Management Framework (RMF) artifacts and shall understand system categorization and deduce NIST, DoD, CNSSI, and NSTSSM regulations into product cybersecurity requirements. Shall gain experience with NIST 800-53 and CNSSI 1253 security controls, security hardening of products, deriving and managing security requirements, risk management, technical planning, threat and vulnerability assessments, systems-level design, systems integration, verification, and validation including security testing and evaluation, and supportability and effectiveness analyses for the total systems. Will interact directly with multidiscipline professionals in the planning and implementation of assigned projects.
- Provide individual technical contribution and cyber security engineering leadership in the development of advanced systems for the US DoD, including providing system concept definition, cyber security requirements development and analysis, new technology assessments, evaluation of alternative technical solutions, and hands-on cyber security tasks. You will also support engineering project teams in the pursuit of new business, including the definition of advanced design concepts to address customer needs, the preparation of engineering inputs, cost estimates, and schedules for proposals. Your analytical skills and your ability to plan and lead cyber security engineering activities will be challenged daily. You’ll be working a lot with others including interfacing with internal and external project teams, company personnel (Engineering, Operations, Program Management, Business Development), and the customer community.
- Perform various duties related to the day-to-day operations of the Cyber Security Engineering team, including:
- Be a part of a program cybersecurity risk mitigation effort using the Risk Management Framework (RMF)
- Evaluate new and existing embedded systems and architects the software, firmware, and hardware requirements from a system engineering perspective
- Participate in development efforts to ensure cybersecurity controls are integrated to meet platform security posture and the Department of Defense (DoD) Authorizing Officials program requirements
- Participate in the formal Security Test and Evaluation process required by each government acceptance and approval authority through pre-test preparations, participation in the tests, analysis of the results, and preparation of required reports
- Perform product security reviews with the ability to communicate issues and risks in business terms and make recommendations that balance risk/reward tradeoffs
- Recommend embedded cybersecurity defense and countermeasures for avionics product designs
- Research, evaluate, and assess emerging embedded cyber security threats and technologies
- Evaluate and test new cybersecurity tools and capabilities
- Analyze static and dynamic source code scans to achieve Software Assurance (SwA) goals
- Suggest and implement new tools and efficiency improvements for the development of secure software
- You may also conduct research and prepare reports based on findings, to include recommendations or alternative proposals for action.
- Provides training and mentoring to more junior staff members.
- Provides solutions to a variety of technical problems of moderate scope and complexity as part of a project team.
- Demonstrates leadership qualities and acts as a role model. Contributes to cost/scope estimation.
- May lead functional tasks or projects.
- Works independently to solve a wide range of complex problems requiring the regular use of ingenuity and creativity.
- Hold an accredited Bachelor in Cybersecurity, Computer Science, Software Engineering, or other related engineering degrees with a cumulative GPA of over 3.2 and with a minimum of 9 years of experience in cyber security and/or secure system/embedded systems.
Hold an accredited Master in Cybersecurity, Computer Science, Software Engineering, or other related engineering degrees with a cumulative GPA of over 3.2 and with a minimum of 7 years of experience in cyber security and/or secure system/embedded systems.
Hold an accredited Ph.D. in Cybersecurity, Computer Science, Software Engineering, or other related engineering degrees with a cumulative GPA of over 3.2 and with a minimum of 4 years of experience in cyber security and/or secure system/embedded systems.
- Experience with the Risk Management Framework (RMF), knowledge of embedded system security architectures and engineering approaches to building system security solutions, experience with Department of Defense, Government Certification and Authorizing Officials or federal customer base, and Software development experience in one of the following core languages: C, C++ or C#Understanding of security vulnerabilities found via security tools (i.e., HP Fortify, Klocwork, Nessus/Tenable, and others) and you have static/dynamic code analysis experience.
- Excellent written and oral communication skills, the ability to understand and follow complex, detailed instructions, and the ability to work both independently and in a team environment. Must be able to approach technical problems logically and scientifically. Must be flexible and able to handle multiple priorities, and be able to work for short to moderate periods without direct supervision.
- Computer skills, familiarity with basic shop tools and/or machine equipment, and an aptitude and understanding of basic electrical, mechanical, optical, or software engineering principles. Requires technical writing and documentation skills.
- CISSP or equivalent certification
Travel Requirements: Able to travel domestically and internationally up to 20% to support projects.
Clearance: Must be able to acquire a Secret Security clearance.