Embedded Cybersecurity Engineer, Sr.

Worker Type

Regular

Job Description

 

Summary

The Embedded Cybersecurity Engineer, Sr. will address the security of the embedded systems in our products.  This key cybersecurity role is for a hands-on professional who is big picture sensitive, detail-oriented, and driven to deliver secure high-quality products.  This role will contribute to the security of our products by working with developers and engineers throughout the R&D and Operations organizations to ensure our products comply with relevant security standards and contract requirements.

Position Responsibilities

• Collaborate with the product R&D teams to help them understand the security mindset, guiding them to implement specific security controls for product/system wide security needs.
• Coordinate with Electrical and Hardware engineering to ensure security requirements are addressed in the hardware selection and design.
• Support embedded system Architect and Developers to ensure the security controls are implemented as intended.
• Support consistent implementation of the embedded system security practices across projects.
• Coordinate with SW Developers & manufacturing engineering to ensure security needs are met.
• Identify security needs for embedded hardware, firmware, software, and microprocessors.
• Support selection of hardware components, third-party software, security tools and vendors. Identify security vulnerabilities and weaknesses in the system design and architecture.
• Contribute to the development of tools, processes, and policies to prevent, detect, and resolve classes of issues across the entire development lifecycle, including supply chain and manufacturing.
• Conduct embedded product and device cybersecurity activities including incident response, vulnerability assessments, and mitigation implementation.
• Continuously evaluate the effectiveness of implemented cybersecurity controls.
• Implement new approaches and countermeasures for emerging threats to embedded systems.
• Provide security-related deliverables for regulatory bodies and contracts.
• Assess software applications and control procedures.
• Other duties as assigned

Basic Qualifications (Required Skills & Experience)

• Bachelor’s degree required in Cybersecurity, Electrical or Computer Engineering, Computer Science, or similar or related field, or equivalent combination of education, training, and experience.
• 8 years of related experience
• 5 years of experience in Cybersecurity and embedded hardware.
• CompTIA Security+, GIAC Security Essentials (GSEC) or equivalent verifiable credentialed certification.

Other Qualifications & Desired Competencies

• Strong written and verbal communication skills.
• Strong analytical, time management and organizational skills.
• Strong computer skills and proficiency with office software and productivity tools.
• Works well with little or no supervision and exercises independent judgement on a regular basis.
• Ability to gain cooperation of others, conducting presentations of technical information concerning specific projects or schedules.
• Computer Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), CompTIA Advanced Security Practitioner (CASP) or equivalent verifiable credentialed certification.
• Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OCSP), or equivalent verifiable credentialed certification.
• Experience achieving ISO 27001 certification.
• Experience complying with NIST Cybersecurity standards and guidance
• Experience complying with the requirement of the National Industrial Security Program Operating Manual (NISPOM)
• Experience with one or more of the following technical areas:
  • Wireless and/or network communications
  • Basic knowledge of common hardware components, packaging, and PCBA level integration
  • Basic knowledge of common cryptographic algorithms and protocols, implementation attacks (i.e., side-channel and fault injection)
  • Hardware security implementation analysis and exploitation (cryptography, side-channel analysis, and/or fault injection)
  • Testing and validation of cybersecurity control implementation, using manual methods and automated tools (e.g., ACAS, Tenable.sc, Nessus, Nexpose, etc.)

Physical Demands

• Ability to sit, stand, stoop, reach, lift (up to 25 lbs.), bend, etc.  Hand and wrist dexterity to utilize the computer.
• May require travel to sites/program and special functions.

Environmental Conditions Critical to Performance:

• Work is in an office environment, climate controlled through central air conditioning/heating.
• Occasional work on the production floor may be required.
• May have some exposure to outside environment while traveling.

Special Requirements

• U.S. Citizen, U.S. Permanent Resident (Green Card holder) or asylee/refugee status as defined by 8 U.S.C. 1324b(a)(3) required.
• Must be able to travel within the Continental U.S. and internationally when required.
• Must have a DoD Secret security clearance or be eligible to obtain one.

The salary range for this role is:

$118,107 - $167,475

AeroVironment considers several factors when extending an offer, including but not limited to, the location, the role and associated responsibilities, a candidate’s work experience, education/training, and key skills.

ITAR Requirement:

This position requires access to information that is subject to compliance with the International Traffic Arms Regulations (“ITAR”) and/or the Export Administration Regulations (“EAR”). In order to comply with the requirements of the ITAR and/or the EAR, applicants must qualify as a U.S. person under the ITAR and the EAR, or a person to be approved for an export license by the governing agency whose technology comes under its jurisdiction. Please understand that any job offer that requires approval of an export license will be conditional on AeroVironment’s determination that it will be able to obtain an export license in a time frame consistent with AeroVironment’s business requirements. A “U.S. person” according to the ITAR definition is a U.S. citizen, U.S. lawful permanent resident (green card holder), or protected individual such as a refugee or asylee. See 22 CFR § 120.15. Some positions will require current U.S. Citizenship due to contract requirements.

Benefits:  AV offers an excellent benefits package including medical, dental vision, 401K with company matching, a 9/80 work schedule and a paid holiday shutdown.  For more information about our company benefit offerings please visit:  http://www.avinc.com/myavbenefits.

We also encourage you to review our company website at http://www.avinc.com to learn more about us.

Principals only need apply.  NO agencies please.

Who We Are

Based in California, AeroVironment (AVAV) is a global leader in unmanned aircraft systems (UAS) and tactical missile systems. Founded in 1971 by celebrated physicist and engineer, Dr. Paul MacCready, we’ve been at the leading edge of technical innovation for more than 45 years. Be a part of the team that developed the world’s most widely used military drones and created the first submarine-launched reconnaissance drone, and has seven innovative vehicles that are part of the Smithsonian Institution’s permanent collection in Washington, DC.

Join us today in developing the next generation of small UAS and tactical missile systems that will deliver more actionable intelligence to our customers so they can proceed with certainty – and succeed.

What We Do

Building on a history of technological innovation, AeroVironment designs, develops, produces, and supports an advanced portfolio of unmanned aircraft systems (UAS) and tactical missile systems.  Agencies of the U.S. Department of Defense and allied military services use the company’s hand-launched UAS to provide situational awareness to tactical operating units through real-time, airborne reconnaissance, surveillance, and target acquisition.

We are proud to be an EEO/AA Equal Opportunity Employer, including disability/veterans. AeroVironment, Inc. is an Equal Employment Opportunity (EEO) employer and welcomes all qualified applicants. Qualified applicants will receive fair and impartial consideration without regard to race, sex, color, religion, national origin, age, disability, protected veteran status, genetic data, sexual orientation, gender identity or other legally protected status.

ITAR

U.S. Citizenship is required. Secret or Top Secret clearance, or the ability obtain a clearance is desired.