Experience Inc. Jobs

Job Description

Senior Cyber Embedded Systems Engineer - Hybrid

We want your Cyber Systems Engineering talentto perform system design activities such as developing and managing embedded system hardware and software product security requirements, developing secure system architectures and designs, performing system level security integration/test and assisting in validation for complex embedded control systems.

Engineers at our Endicott NY location support the following Business Areas

Controls & Avionics Solutions (CAS):

In Controls & Avionics Solutions, you will have the opportunity to help define and develop the next generation of avionics whether it is fly-by-wire flight controls, full authority digital engine controls, or power management.

http://www.baesystems-ps.com/interactive/cas.htm

Power & Propulsion Solutions (PPS):

In Power & Propulsion Solutions, we re involved with everything from providing efficient, power management on military vehicles to developing eco-friendly, hybrid and electric systems for the commercial world. Be part of a team that is helping to keep the air we breathe much cleaner.

https://www.baesystems.com/en-us/product/hybridrive-propulsion-systems

Duties and responsibilities include:

• Developing product security CONOPS and system security plans, identifying roles and responsibilities across a multi-discipline project team for implementing product security for embedded control systems.

• Decomposing customer product security requirements into feature-set capability requirements allocated to hardware, programmable logic devices, software and supporting engineering groups.

• Participate in threat/vulnerability assessments applying designated guidelines to identify required security measures to mitigate the security risks.

• Developing cybersecurity test plans and procedures to verify effectiveness of implemented features.

• Support cyber security audit and test events to support certification/accreditation milestones.

• Coordinate with Safety Engineering to ensure product security features do not adversely impact product safety.

Required Education, Experience, & Skills

• Required Education, Experience, & Skills

• Bachelor's Degree in related engineering field

• 8 years of experience in embedded controls development with at least 4 years applying product security.

• Experience in full lifecycle development including system requirements, design, system-level integration, validation, and verification.

• Experience in designing, architecting and integrating electronic control systems that include hardware, software and programmable logic devices.

• Experience performing threat assessments on embedded controls.

• Experience defining requirements for product security features leveraging component level cyber security features including, secure boot, Trusted Execution Environments, cryptographic accelerators, Trusted Platform Modules (TPMs) and Hardware Security Modules (HSMs).

• Experience translating cybersecurity concepts including; confidentiality, integrity, availability, authentication and authorization into functional cybersecurity requirements for the system being developed.

• Experience applying any of the following security processes; DoD Risk Management Framework (RMF), DO-326A Airworthiness Security Process Specification or ISO-21434 Road Vehicle Security.

• Experience performing security testing on embedded control including; scanning or fuzzing or pen-testing using industry standard tools.

• Technical writing skills: capable of creating required engineering documentation.

Preferred Education, Experience, & Skills

Preferred Education, Experience, & Skills

• Master s Degree in related engineering field

• 10 years of experience in avionics or electronic controls embedded development, including familiarity with systems such as flight controls, engine controls or mission systems, with at least 5 years of product security experience.

• Experience with development of formal validation and verification procedures.

• Experience with safety critical development guidelines including; ARP4754, DO-178B/C, DO-254, ISO-26262 or equivalent safety process requirements.

• Understanding of purpose and use cases for cryptographic objects: Keys, Certs, CRLs; algorithms; SHA, AES, RSA, ECC, HMAC, GMAC, etc., and protocols; TLS/DTLS, IPSec, etc.

• Understanding of offensive security principles.

• Experience with DISA STIGs and/or IAVA compliance hardening

• Experience with MITRE s CVEs, CWEs, CAPEC and ATT&CK.

• Demonstrated experience providing technical leadership.

• Technical documentation development

• Team player with a proactive attitude and the ability to be productive in a dynamic/collaborative environment

• Strong oral and written communications skills

• Motivated self-starter with good problem solving skills, judgment, and analytical capability

• Planning and organizational skills.

Pay Information

Full-Time Salary Range: $111700 - $189900

Please note: This range is based on our market pay structures. However, individual salaries are determined by a variety of factors including, but not limited to: business considerations, local market conditions, and internal equity, as well as candidate qualifications, such as skills, education, and experience.

Employee Benefits: At BAE Systems, we support our employees in all aspects of their life, including their health and financial well-being. Regular employees scheduled to work 20 hours per week are offered: health, dental, and vision insurance; health savings accounts; a 401(k) savings plan; disability coverage; and life and accident insurance. We also have an employee assistance program, a legal plan, and other perks including discounts on things like home, auto, and pet insurance. Our leave programs include paid time off, paid holidays, as well as other types of leave, including paid parental, military, bereavement, and any applicable federal and state sick leave. Employees may participate in the company recognition program to receive monetary or non-monetary recognition awards. Other incentives may be available based on position level and/or job specifics.

Senior Cyber Embedded Systems Engineer - Hybrid - Sign on Bonus and Relocation

98943BR

EEO Career Site Equal Opportunity Employer. Minorities . females . veterans . individuals with disabilities . sexual orientation . gender identity . gender expression