Senior Embedded Software Security Engineer (onsite)
Vir Healthway, Santa Barbara, CA, United States
Job Description:
Industry: Aerospace / Aviation / Defense
Job Category: Engineering - Other Engineering
Description
Our company's Santa Barbara Operations provides sub-systems and components for every mission critical system on a modern military vehicle. Our heritage is in electrohydraulic and electromechanical actuation systems and now, through acquisitions and internal development, the company provides expert solutions in:
• Stabilized Turret Drive Systems
• Integrated Weapon Systems (full turret from mechanical design to fire control electronics and software)
• Ammunition Handling
• Data Control and Distribution
• Power Management and Distribution
We are looking for a Senior Embedded Software Security Engineer to design and architect new capabilities for our new and existing turreted weapons systems (RIwP). Perform assessments and provide design/architectural guidance with the goal of eliminating and/or mitigating cyber vulnerabilities. In addition, design and implement processes and procedures to pro-actively identify and mitigate potential cyber vulnerabilities for embedded systems throughout the product-lifecycle (concept to end-of-life), including risk identification and assessment. Also, to identify opportunities to ensure the continuous robust secure operation of company products in the field.
Here's what you'll be working on day to day:
• Design, code, debug, and integrate new capabilities for our new and existing turreted weapons systems (RIwP)
• Deliver executable software that meets performance requirements
• Design, develop, implement, and monitor an auditable set of life cycle processes to assess, document, any/all cyber security requirements for software/embedded systems within company products
• Vulnerability Analysis to identify and document potential cyber vulnerabilities including logic/coding flaws, inter-device communication weaknesses, and potential hidden or "backdoor" entry points
• Debug issues with existing systems
• Deliver other software work products (documentation) that meet contractual requirements
• Provide status reporting to management during project execution
• Gather and organize technical information from customer requirements
eeds regarding cyber security including the products' mission, goals and needs
• Perform risk assessment and analysis of embedded systems/applications within company products from concept through product end-of-life
• Identify current and emerging embedded system products technology issues, including security trends, vulnerabilities, and threats
• Pro-actively identify, recommend, and implement new cyber security solutions and strategies to resolve/mitigate any cyber security issues and protect the company's embedded systems products
Here's what you'll need to bring with:
• Bachelor of Science degree in Electrical, Computer, or Software Engineering desired. Bachelor of Science degree in other engineering fields, may be considered with appropriate additional experience in the design/development/test of real-time control software.
• Minimum of 7 years of experience in the design/development/test of embedded real-time control software, and about 5 years overall experience in software development
• C language (java a plus)
• OS experience, especially RTOS (bare metal and embedded Linux a plus)
• Experience with communication protocol drivers and stacks (networking, 1553, UART, SPI, I2C, Canbus, etc.)
• Read and understand electronic part data sheets, electrical schematics, communication protocol documents
• Behavioral Competencies: innovation, adaptability, decision making, communications, customer focus, building strategic working relationships, energy, initiating action, quality orientation
• Technical competency required in applied science, data acquisition, diagnostic skills, document creation, and math
• Experience in Unix internals, low level driver software, communication interface software as well as GUI software is a plus
• Ability to travel 10-15%
• Ability to obtain a U.S. security clearance
It would be great if you also had:
• Master's Degree a plus.
• Experience with vulnerability assessment tools such as Coverity, HP Fortify, Veracode, Black Duck, etc.
• Strong awareness of cybersecurity trends and hacking techniques
• Thorough understanding of the latest security principles, techniques, and
• Experience with network security, networking technologies, and network monitoring tools
• Industry Certification(s) i.e., Certified Secure Software Lifecycle Professional, Certified Information Systems Security Professional, Global Information Assurance Cert., Certified Ethical Hacker, Certified Information Security Manager (CSSLP, CISSP, GICSP, GSEC, CEH or CISM)
Here's what is in it for you:
• Comprehensive medical, dental, and vision benefits on day one
• Flexible planned vacation
• 401K, Retirement Savings Plan, profit share, and employee stock purchase options
• Tuition reimbursement program up to $15K per year
• Inclusive company culture
• Work a 9/80 schedule with every-other Friday off!
Industry: Aerospace / Aviation / Defense
Job Category: Engineering - Other Engineering
Description
Our company's Santa Barbara Operations provides sub-systems and components for every mission critical system on a modern military vehicle. Our heritage is in electrohydraulic and electromechanical actuation systems and now, through acquisitions and internal development, the company provides expert solutions in:
• Stabilized Turret Drive Systems
• Integrated Weapon Systems (full turret from mechanical design to fire control electronics and software)
• Ammunition Handling
• Data Control and Distribution
• Power Management and Distribution
We are looking for a Senior Embedded Software Security Engineer to design and architect new capabilities for our new and existing turreted weapons systems (RIwP). Perform assessments and provide design/architectural guidance with the goal of eliminating and/or mitigating cyber vulnerabilities. In addition, design and implement processes and procedures to pro-actively identify and mitigate potential cyber vulnerabilities for embedded systems throughout the product-lifecycle (concept to end-of-life), including risk identification and assessment. Also, to identify opportunities to ensure the continuous robust secure operation of company products in the field.
Here's what you'll be working on day to day:
• Design, code, debug, and integrate new capabilities for our new and existing turreted weapons systems (RIwP)
• Deliver executable software that meets performance requirements
• Design, develop, implement, and monitor an auditable set of life cycle processes to assess, document, any/all cyber security requirements for software/embedded systems within company products
• Vulnerability Analysis to identify and document potential cyber vulnerabilities including logic/coding flaws, inter-device communication weaknesses, and potential hidden or "backdoor" entry points
• Debug issues with existing systems
• Deliver other software work products (documentation) that meet contractual requirements
• Provide status reporting to management during project execution
• Gather and organize technical information from customer requirements
eeds regarding cyber security including the products' mission, goals and needs
• Perform risk assessment and analysis of embedded systems/applications within company products from concept through product end-of-life
• Identify current and emerging embedded system products technology issues, including security trends, vulnerabilities, and threats
• Pro-actively identify, recommend, and implement new cyber security solutions and strategies to resolve/mitigate any cyber security issues and protect the company's embedded systems products
Here's what you'll need to bring with:
• Bachelor of Science degree in Electrical, Computer, or Software Engineering desired. Bachelor of Science degree in other engineering fields, may be considered with appropriate additional experience in the design/development/test of real-time control software.
• Minimum of 7 years of experience in the design/development/test of embedded real-time control software, and about 5 years overall experience in software development
• C language (java a plus)
• OS experience, especially RTOS (bare metal and embedded Linux a plus)
• Experience with communication protocol drivers and stacks (networking, 1553, UART, SPI, I2C, Canbus, etc.)
• Read and understand electronic part data sheets, electrical schematics, communication protocol documents
• Behavioral Competencies: innovation, adaptability, decision making, communications, customer focus, building strategic working relationships, energy, initiating action, quality orientation
• Technical competency required in applied science, data acquisition, diagnostic skills, document creation, and math
• Experience in Unix internals, low level driver software, communication interface software as well as GUI software is a plus
• Ability to travel 10-15%
• Ability to obtain a U.S. security clearance
It would be great if you also had:
• Master's Degree a plus.
• Experience with vulnerability assessment tools such as Coverity, HP Fortify, Veracode, Black Duck, etc.
• Strong awareness of cybersecurity trends and hacking techniques
• Thorough understanding of the latest security principles, techniques, and
• Experience with network security, networking technologies, and network monitoring tools
• Industry Certification(s) i.e., Certified Secure Software Lifecycle Professional, Certified Information Systems Security Professional, Global Information Assurance Cert., Certified Ethical Hacker, Certified Information Security Manager (CSSLP, CISSP, GICSP, GSEC, CEH or CISM)
Here's what is in it for you:
• Comprehensive medical, dental, and vision benefits on day one
• Flexible planned vacation
• 401K, Retirement Savings Plan, profit share, and employee stock purchase options
• Tuition reimbursement program up to $15K per year
• Inclusive company culture
• Work a 9/80 schedule with every-other Friday off!