Senior Principal Cyber DevOps Engineer
The GXP and AGS teams develop innovative sensor data processing and analytics software products and services. Our team has grown significantly since 2002, increasing revenue by 10x and greatly increasing the size of the team. We have facilities in San Diego California, Rome New York, and Durham North Carolina.
The Engineering Support team for AGS is responsible for a number of common resources and capabilities that a member of the team is expecting to often support. This requires a candidate to be flexible, a superior problem solver; enjoy learning, creating, and implementing new technology and processes.
The Engineering Support team is specifically responsible for the following areas in AGS
- Enterprise Engineering DevOps
- Cloud Engineering DevOps and DevSecOps
- Modeling and Simulation
A candidate will be supporting our cloud dev operations by helping to roll out security changes via configuration, scripting, or AWS service. Additionally they will take part in penetration testing events.
A candidate can grow with their interests into other areas of the Engineering Support team or development.
A successful candidate must demonstrate:
- An education background in software, computer engineering, or IT
- An understanding of how to provide security solutions that balance security and efficient development
- An understanding of how to move between technologies and scripting languages as well as learn new ones with ease
- A desire to work with, communicate, and assist developers and IT professionals
- Enjoy urgency and change
- An understanding of how to be a hero to your customers (Dev) by working with them to help them be more efficient and by describing (passively training) them on vulnerabilities and real world examples.
Typically a Bachelor's Degree and 8 years work experience or equivalent experience
Required Skills and Education
- 8+ Years' Experience with software development, computer management, network and computer security, application pen testing
- Highly motivated and able to work well in both team and solo settings.
- Familiar with common classes of software vulnerabilities / security bugs and how they are exploited, including both web-based attacks (injections, traversals, deserializations), and memory corruption attacks (BO, Heap exploitation).
- Able to work under consultative direction toward long-range goals and objectives.
- Experience developing solutions to problems of unusual complexity that require a high degree of ingenuity, creativity and innovativeness.
- Able to face problems that are unique in the organization, and find solutions that may serve as precedent for future decisions.
- Familiarity with NIST Special Publication 800-53
- Excellent communication and interpersonal skills, and willingness to mentor other developers in secure software practices.
- Humility, empathy, patience, a desire to learn, and help teammates learn.
- US Citizenship
- Bachelor's Degree in a computer related field
- Experience with Cloud Providers such as AWS or Azure
- Familiarity with managing both Windows and Linux
- Experience with cloud automation via configuration such as cloud formation or Terraform
- Experience with scripting or programming languages and automation
- Experience with asset and user management of a computer network
- BS and 8+ years, or MS and 6+ years of professional engineering experience in Software or Systems Engineering
- CISSP, CSSLP, or OSCP certified (or better: OSCE, OSEE)
- Experience with Federal cybersecurity accreditation processes and standards (DIACAP, RMF, CJIS, etc)
- Experience creating security accreditation packages
- Experience designing and implementing secure cloud environments (AWS)
- Experience designing, documenting, and implementing multi-faceted security solutions that include technological, administrative, and procedural controls.
- Pen testing experience and experience leading or coordinating a team of pen testers.
- Bug hunting / Bug bounty experience; experience discovering and validating security bugs and developing proof-of-concept software exploits against a single application. Multi-system web application bug hunting experience is a plus.
BAE Systems is a premier global defense and security company with approximately 90,000 employees delivering a full range of products and services for air, land and naval forces, as well as advanced electronics, security, information technology solutions and customer support and services.
The Electronic Systems (ES) sector spans the commercial and defense electronics markets with a broad portfolio of mission-critical electronic systems, including flight and engine controls; electronic warfare and night vision systems; surveillance and reconnaissance sensors; secure networked communications equipment; geospatial imagery intelligence products and systems; mission management; and power-and energy-management systems. Headquartered in Nashua, New Hampshire, ES employs approximately 13,000 people globally, with engineering and manufacturing functions primarily in the United States, United Kingdom, and Israel. Equal Opportunity Employer/Females/Minorities/Veterans/Disabled/Sexual Orientation/Gender Identity/Gender Expression
Back to top