Principal Software Engineer (Security)
Brea, California, United States
Safran Passenger Innovations
At Safran Passenger Innovations, we make flying fun by focusing on maximizing the Passenger Experience. As an innovative In-Flight Entertainment and Connectivity (IFEC) company we design, engineer, manufacture, sell and support world-class In-Flight Entertainment and Connectivity solutions. Our products are constantly evolving, solving complex media distribution, playback, and networking problems in a secure, demanding on-wing environment. Safran IFEC products are utilized by many of the world’s premier air carriers. Step aboard and help us by creating the best in-flight experiences for today and beyond!
Job Summary
As a Principal Security Software Engineer on the Software Development team, you will engage with an experienced cross-disciplinary staff to design and implement innovative In-Flight Entertainment (IFE) products applying state-of-the-art security principles (wired and wireless) concepts and technologies to modernize all security aspects of our platform, including on-wing and off-wing Compute, Connectivity, Networking, and Storage. Working closely with inter-disciplinary teams you will participate in the architecture, design, development, test, and integration of software features for the RAVE IFEC systems and products using a hybrid development methodology in a regulated environment. You must be a self-starter, responsive, flexible, and able to succeed within an open, collaborative peer environment.
Duties and Responsibilities:
- Contribute to the design, creation, development, and improvement of security features, packaging, tools, testing, test automation, continuous integration, delivery, documentation, and building of complex distributed systems in a low power, low latency, heat-conscious environment
- Problem-solving - troubleshoot, triage, debug, and resolve security issues
- Demonstrate a passion for continuous improvement and take personal ownership of quality
- Provide guidance, mentoring, training, and support across product development and the broader IFE business with respect to security best practices
- Provide realistic estimates, foster a culture of transparency, and meet agreed-upon commitments
- Facilitate communication internally, with stakeholders, users, and/or customers on specifications, architecture, design, implementation, and approvals
- Actively participate, engage, and contribute during meetings
- Leverage other internal organizations to facilitate product success
- Prepare and present technical information for large and diverse audiences
- Assess third-party and open-source software and in some cases implement the same
- Adhere to, contribute to, and help improve both organizational processes and the software development lifecycle (SDLC)
Pay: $148,000 - $197,000 per year
Requirements
- Bachelor’s Degree in Computer Science, or equivalent experience in a related field (Cybersecurity training or experience is advantageous)
- 3-6 years of experience in a Senior (or above) level role within Security software engineering
- 15+ years of overall software development experience
Required Experience
- 5+ years of proven experience in containers technologies, microservices, and DevOps practices
- Expert on monolithic to secure by design microservices with an eye towards practical migrations and attack surface analysis
- Expert in service-to-service (API) communication security and monitoring
- Security – holistic - Experience with security engineering concepts and practices including system and network security, authentication, protocols, cryptography, DB, and application security in regulated environments
- Enterprise-level expertise in securing the development and delivery of complex distributed computing environments
- Mastery of basic security concepts such as authentication, authorization (IAM), DevSecOps, Infrastructure as Code, and Microservices/Containers
- Deep network understanding including protocols, debugging, layers, security, intrusion detection, log analysis, and network scanning
- Understand the OSI model and the relationship between layers
- Hybrid networking concepts (Cloud/On-Prem/On-Wing)
- Secure design of API’s, queuing/messaging
- Securing Kubernetes
- Design experience with implementing Digital Rights Management (DRM) tools and key/secrets management
- Experience with decentralized access control in complex distributed environments
- UNIX/Linux or embedded operating systems using C/C++
- Experience troubleshooting & root cause analysis of software and hardware security issues
- Experience with formal Engineering Requirements documentation and processes
Desired Experience
- Understanding of embedded circuit design and PCB schematics, particularly with ARM/x86 processors
- Board-level security concepts and design
- Understanding of Platform as a Service (PaaS) concepts and how to construct secure compute platforms from physical hardware all the way up the stack. This includes the ability to assess/evaluate and utilize primitives in a constrained environment.
- Experience integrating automated security tests into CI/CD
- Skilled at designing high availability platforms with quick recovery objectives
- Adept at implementing internal tools to support development and troubleshooting for the entire stack
- Linux kernel expertise – can design and abstract/isolate/control low-level calls via wrapper/abstraction and create custom Linux distributions leveraging Yocto.
- Understanding of Video/Media content, playback, delivery, and streaming including DRM as well as an understanding of distributed file sharing concepts like BitTorrent
Experiences with any of the following languages, technologies, and/or techniques would be advantageous:
- Low-level kernel/driver knowledge of Linux 4.x and 5.x
- MQTT, IPC, RPC, sockets, and/or audio/video players.
- Highly available, fault-tolerant, distributed, or clustered systems development
- ARINC 429 (data transfer) and RS-485/422.
- Understanding of bus design: I2C, PCIe, SPI, MDIO, CAN, etc.
- Experience with various security/cryptography concepts such as PKI, SSL, and TLS with respect to embedded devices
- Windows using C/C++/C#, .Net, web programming, JavaScript, ASP, SQL, Node, Go and functional compute like AWS Lambda
- Mobile application communications development and loosely coupled designs
- Understanding of containers and virtual machines using Docker Swarm, Kubernetes, or other control planes and compute primitives
- Experience refactoring/rearchitecting monolithic solutions into distributed microservices, containerized or serverless with heavy API design and implementation strategies
Tags: APIs Application security Automation AWS C CI/CD Cloud Computer Science Cryptography DevOps DevSecOps Docker IAM Intrusion detection JavaScript Kubernetes Lambda Linux Log analysis Microservices Monitoring Network security PaaS PKI SDLC SQL TLS UNIX Windows
Perks/benefits: Flex hours
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Staff Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Product Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Specialist jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Cybersecurity Specialist jobs
- Open Security Researcher jobs
- Open Senior Security Architect jobs
- Open IT Security Engineer jobs
- Open Sr. Security Engineer jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open Security Clearance-related jobs
- Open Forensics-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs