Principal Cyber Security Engineer -REF1050J

Fort Worth, TX, United States

Applications have closed

Elbit Systems of America

Elbit Systems of America is a leading global source of innovative, technology-based systems for diverse defense, homeland security & commercial applications.

View company page

Company Description

Elbit Systems of America is a leading provider of high-performance products, system solutions, and support services focusing on the defense, homeland security, commercial aviation, and medical instrumentation markets. With facilities throughout the United States, Elbit Systems of America is dedicated to supporting those who contribute daily to the safety and security of the United States. Elbit Systems of America, LLC is wholly owned by Elbit Systems Ltd. (NASDAQ: ESLT and TASE: ESLT), a global high technology company engaged in a wide range of programs for innovative defense and commercial applications. For additional information, visit: www.elbitsystems-us.com or follow us on Twitter.

 

Job Description

Under the direct supervision and mentorship of members of the Cyber Security Engineering Staff, the Secure System Principal Cyber Engineer undertakes a variety of activities and assigned projects at varying levels of professional complexity requiring knowledge within an area of specialty and/or engineering degree. The Secure System Principal Cyber Engineer works as a member of the Engineering team in support of contracted tasks focusing on the integration of cybersecurity requirements into the full system lifecycle of Elbit Systems of America’s products. The candidate shall be gain experience in developing Risk Management Framework (RMF) artifacts and shall understand system categorization and deduce NIST, DoD, CNSSI, and NSTSSM regulations into product cybersecurity requirements. The candidate shall gain experience with NIST 800-53 and CNSSI 1253 security controls, security hardening of products, deriving and managing security requirements, risk management, technical planning, threat and vulnerability assessments, systems-level design, systems integration, verification, and validation including security testing and evaluation, and supportability and effectiveness analyses for the total systems.  This candidate will interact directly with multidiscipline professionals in the planning and implementation of assigned projects. 

Principal Responsibilities

 You will get to provide individual technical contribution and cyber security engineering leadership in the development of advanced systems for the US DoD, including providing system concept definition, cyber security requirements development and analysis, new technology assessments, evaluation of alternative technical solutions, and hands-on cyber security tasks. You will also support engineering project teams in the pursuit of new business, including the definition of advanced design concepts to address customer needs, the preparation of engineering inputs, cost estimates, and schedules for proposals. Your analytical skills and your ability to plan and lead cyber security engineering activities will be challenged daily.  You’ll be working a lot with others including interfacing with internal and external project teams, company personnel (Engineering, Operations, Program Management, Business Development), and the customer community.

  • You will perform various duties related to the day-to-day operations of the Cyber Security Engineering team, including:
  • Be a part of a program cybersecurity risk mitigation effort using the Risk Management Framework (RMF)
  • Evaluate new and existing embedded systems and architects the software, firmware, and hardware requirements from a system engineering perspective
  • Participate in development efforts to ensure cybersecurity controls are integrated to meet platform security posture and the Department of Defense (DoD) Authorizing Officials program requirements
  • Participate in the formal Security Test and Evaluation process required by each government acceptance and approval authority through pre-test preparations, participation in the tests, analysis of the results, and preparation of required reports
  • Perform product security reviews with the ability to communicate issues and risks in business terms and make recommendations that balance risk/reward tradeoffs
  • Recommend embedded cybersecurity defense and countermeasures for avionics product designs
  • Research, evaluate, and assess emerging embedded cyber security threats and technologies
  • Evaluate and test new cybersecurity tools and capabilities
  • Analyze static and dynamic source code scans to achieve Software Assurance (SwA) goals
  • Suggest and implement new tools and efficiency improvements for the development of secure software
  • You may also conduct research and prepare reports based on findings, to include recommendations or alternative proposals for action.
  • Provides training and mentoring to more junior staff members.
  • Provides solutions to a variety of technical problems of moderate scope and complexity as part of a project team.
  • Demonstrates leadership qualities and acts as a role model. Contributes to cost/scope estimation.
  • May lead functional tasks or projects.
  • Works independently to solve a wide range of complex problems requiring the regular use of ingenuity and creativity.

Qualifications

Hold an accredited Bachelor in Cybersecurity, Computer Science, Software Engineering, or other related engineering degrees with a cumulative GPA of over 3.2 and with a minimum of 9 years of experience in cyber security and/or secure system/embedded systems. 

OR

Hold an accredited Master in Cybersecurity, Computer Science, Software Engineering, or other related engineering degrees with a cumulative GPA of over 3.2 and with a minimum of 7 years of experience in cyber security and/or secure system/embedded systems.

OR

Hold an accredited Ph.D. in Cybersecurity, Computer Science, Software Engineering, or other related engineering degrees with a cumulative GPA of over 3.2 and with a minimum of 4 years of experience in cyber security and/or secure system/embedded systems.

Preferred

You have experience with the Risk Management Framework (RMF), knowledge of embedded system security architectures and engineering approaches to building system security solutions, experience with Department of Defense, Government Certification and Authorizing Officials or federal customer base, and Software development experience in one of the following core languages: C, C++ or C#.

You understand security vulnerabilities found via security tools (i.e., HP Fortify, Klocwork, Nessus/Tenable, and others) and you have static/dynamic code analysis experience.

Requires excellent written and oral communication skills, the ability to understand and follow complex, detailed instructions, and the ability to work both independently and in a team environment.   Must be able to approach technical problems logically and scientifically. Must be flexible and able to handle multiple priorities, and be able to work for short to moderate periods without direct supervision.

Computer skills, familiarity with basic shop tools and/or machine equipment, and an aptitude and understanding of basic electrical, mechanical, optical, or software engineering principles. Requires technical writing and documentation skills.

CISSP or equivalent certification

 

Travel Requirements

Able to travel domestically and internationally up to 20% to support projects.

Clearance

Must be able to acquire a Secret Security clearance.

 

Additional Information

All your information will be kept confidential according to EEO guidelines.

#L1-DR1

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Tags: C CISSP Clearance Code analysis Computer Science DoD Nessus NIST Product security Risk management Security Clearance Vulnerabilities

Perks/benefits: Flex hours Team events

Region: North America
Country: United States
Job stats:  3  0  0

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.