Principal Software Engineer (Security)

Brea, California, United States

Safran Passenger Innovations

View company page

Company Summary
At Safran Passenger Innovations, we make flying fun by focusing on maximizing the Passenger Experience. As an innovative In-Flight Entertainment and Connectivity (IFEC) company we design, engineer, manufacture, sell and support world-class In-Flight Entertainment and Connectivity solutions. Our products are constantly evolving, solving complex media distribution, playback, and networking problems in a secure, demanding on-wing environment. Safran IFEC products are utilized by many of the world’s premier air carriers. Step aboard and help us by creating the best in-flight experiences for today and beyond!

Job Summary

As a Principal Security Software Engineer on the Software Developmentteam, you will engage with an experienced cross-disciplinary staff to design and implement innovative In-Flight Entertainment (IFE) products applying state of the art security principles (wired and wireless) concepts and technologies to modernize all security aspects of our platform, including on-wing and off-wing Compute, Connectivity, Networking and Storage. Working closely with inter-disciplinary teams you will participate in architecture, design, development, test, and integration of software features for the RAVE IFEC systems and products using a hybrid development methodology in a regulated environment. You must be a self-starter, responsive, flexible, and able to succeed within an open, collaborative peer environment.

Duties and Responsibilities:

  • Contribute to the design, creation, development and improvement of security features, packaging, tools, testing, test automation, continuous integration, delivery, documentation and building of complex distributed systems in a low power, low latency, heat conscious environment
  • Problem solving - troubleshoot, triage, debug, and resolve security issues
  • Demonstrate passion for continuous improvement and take personal ownership of quality
  • Provide guidance, mentoring, training, and support across product development and the broader IFE business with respect to security best practices
  • Provide realistic estimates, foster a culture of transparency, and meet agreed upon commitments
  • Facilitate communication internally, with stakeholders, users, and/or customers on specifications, architecture, design, implementation, and approvals
  • Actively participate, engage, and contribute during meetings
  • Leverage other internal organizations to facilitate product success
  • Prepare and present technical information for large and diverse audiences
  • Assess third-party and open-source software and in some cases implement the same
  • Adhere to, contribute to, and help improve both organizational processes and the software development lifecycle (SDLC)

Requirements

  • Bachelor’s Degree in Computer Science, or equivalent experience in a related field (Cybersecurity training or experience is advantageous)
  • 3-6 years of experience in a Senior (or above) level role within Security software engineering
  • 15+ years of overall software development experience
  • 5+ years of proven experience on containers technologies, microservices and DevOps practices
  • Expert on monolithic to secure by design microservices with an eye towards practical migrations and attack surface analysis
  • Expert in service-to-service (API) communication security and monitoring
  • Security – holistic - Experience with security engineering concepts and practices including system and network security, authentication, protocols, cryptography, DB, and application security in regulated environments
  • Enterprise level expertise in securing development and delivery of complex distributed compute environments
  • Mastery of basic security concepts such as authentication, authorization (IAM), DevSecOps, Infrastructure as Code and Microservices/Containers
  • Deep network understanding including protocols, debugging, layers, security, intrusion detection, log analysis, and network scanning
  • Understand the OSI model and relationship between layers
  • Hybrid networking concepts (Cloud/On-Prem/On-Wing)
  • Secure design of API’s, queuing/messaging
  • Securing Kubernetes
  • Design experience with implementing Digital Rights Management (DRM) tools and key/secrets management
  • Experience with decentralized access control in complex distributed environments
  • UNIX/Linux or embedded operating systems using C/C++
  • Experience troubleshooting & root cause analysis of software and hardware security issues
  • Experience with formal Engineering Requirements documentation and processes

Experiences with any of the following languages, technologies and/or techniques would be advantageous:

o   Low level kernel/driver knowledge of Linux 4.x and 5.x

o   MQTT, IPC, RPC, sockets and/or audio/video players.

o   Highly available, fault-tolerant, distributed, or clustered systems development

o   ARINC 429 (data transfer) and RS-485/422.

o   Understanding of bus design: I2C, PCIe, SPI, MDIO, CAN, etc.

o   Experience with various security/cryptography concepts such as PKI, SSL and TLS with respect to embedded devices

o   Windows using C/C++/C#, .Net, web programming, JavaScript, ASP, SQL, Node, Go and functional compute like AWS Lambda

o   Mobile application communications development and loosely coupled designs

o   Understanding of containers and virtual machines using Docker Swarm, Kubernetes, or other control planes and compute primitives

o   Experience refactoring/rearchitecting monolithic solutions into distributed microservices, containerized or serverless with heavy API design and implementation strategies

Benefits

In addition to a comprehensive package of health benefits that include company contributions, Safran Passenger Innovations offers a variety of additional benefits and perks to enhance your work-life balance experience including but not limited to:

- A home allowance to elevate your home workspace

- Discretionary bonus program

- Future financial security with a 401(k) program with company match

- Paid time off covering vacations, personal time off and sick days, capped off by an exciting year-end holiday shutdown

- Embraced flexibility with our alternative work schedule (9/80) to navigate your workweeks with every other Friday off

Apply now Apply later
  • Share this job via
  • or

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Tags: APIs Application security Automation AWS C Cloud Computer Science Cryptography DevOps DevSecOps Docker IAM Intrusion detection JavaScript Kubernetes Lambda Linux Log analysis Microservices Monitoring Network security PKI SDLC SQL TLS UNIX Windows

Perks/benefits: 401(k) matching Career development Flex hours Flex vacation Health care

Region: North America
Country: United States
Job stats:  3  0  0

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.