Product Security Engineer

Systemart

  • Saint Louis, MO
  • Permanent
  • Full-time
  • 2 months ago
  • Job Description:
  • Lead the Cybersecurity aspects of the full-lifecycle development and manufacturing & production of embedded systems for Weapons programs.
  • Required Skills -
  • Cybersecurity or Engineering related degree, Cybersecurity IAT/IAM Level 1 Certificate or higher IAT/IAM level: IAT Level 1 – A+, Network+, SSCP, IAM Level 2 – CAP, GISF, GSLC, Security+
  • Job Duties -
  • Support the decomposition, and implementation of DoD Cybersecurity Requirements for embedded products in the intelligent armament domain (guided bombs, missiles, etc.),
  • The candidate must be able to understand DoD high level general requirements and translate them into requirements & guidelines within the different product specifications.
  • The candidate will also support the Design, Development, Integration, Verification & Validation and Test, for Weapons programs.
  • The candidates will lead and support system analysis for cyber threats, cyber test activities, cybersecurity of large scale events, risk assessments, and the development of risk mitigation plans.
  • Job Requirements -
  • The candidates are expected to have experience in:
  • · Secure boot & firmware updates
  • · Cryptographic integrity of HW/SW
  • · Real-time OS security
  • · Threat modeling for embedded environments
  • · Risk Management Framework process along with both the NIST and DOD standards for RMF
  • · Significant Experience with one or more of the phases of the engineering lifecycle with a focus on implementing cybersecurity
  • Desired Skills & Experience -
  • · Experience with systems, networks, operations
  • · Good understanding of typical Various cyber related compliance standards like: TEMPEST, DFARS Clause 252.204-7012, COMSEC, CNSSI 1253, DOD 8570, NIST 800-160, NIST 800-53 (Rev5) (and 53A), NIST 800-30, NIST 800-171, NIST 800-55, NIST 800-137, NIST 800-39
  • · Experience with Cyber Table Top, Cooperative Vulnerability Assessments/Investigations, Adversarial Assessments, or other pen test and threat evaluation efforts.
  • · Requirements, CONOPS, Use Case development
  • · HW/SW Development
  • · Integration and unit testing
  • · Verification and Validation
  • · Acceptance test and fielding
  • · Experience with ancillary engineering efforts like Requirements Quality Management, Operational Concepts, Model Based Engineering, Major Engineering Reviews like Preliminary/Critical Design Reviews, Preliminary Deployment Assessments, risk management and assessment, etc.

Systemart