Systems Engineer - Cyber Security

Job Description
Systems Engineer - Cyber Security

You don't see it, but it's there. Our employees work on the world's most advanced electronics - from saving emissions in the City of Lights to powering the Mars Rover to protecting the F-35 fighter jet. At Electronic Systems, you'll be among the brightest minds, working on the aerospace and defense industry's most difficult problems. Drawing strength from our differences, we're innovating for the future. And you can, too.
Our flexible work environment provides you a chance to change the world without giving up your personal life. We put our customers first - exemplified by our missions: "We Protect Those Who Protect Us®" and "We Innovate For Those Who Move The World TM ." Sound like a team you want to be a part of? Come build your career with us.
Engineers at our Endicott NY location support the following two Business Area's
Controls & Avionics Solutions (CAS):
In Controls & Avionics Solutions, you will have the opportunity to help define and develop the next generation of avionics - whether it is fly-by-wire flight controls, full authority digital engine controls, or power management.
http://www.baesystems-ps.com/interactive/cas.htm

Power & Propulsion Solutions (PPS):
In Power & Propulsion Solutions, we're involved with everything from providing efficient, power management on military vehicles to developing eco-friendly, hybrid and electric systems for the commercial world. Be part of a team that is helping to keep the air we breathe much cleaner.
https://www.baesystems.com/en-us/product/hybridrive-propulsion-systems

DUTIES AND RESPONSIBILITIES:

BAE Systems is looking for a Systems Engineer focused on Embedded Systems Products' - Cyber Security and Information Assurance. The qualified candidate will be working on the security engineering team supporting engineering activities in a rapid development environment to support the specification, development, and application of computer security technologies, cyber security and information assurance management techniques to DoD and commercial Avionics and Vehicle systems.

Keywords: Cyber, security, vulnerability, STIG, RMF, Risk Management Framework, A&A, Assessment and Authorization, threat modeling, offensive, attack vector, defense-in-depth, Systems Engineering, Software Engineering, Product Development.

Tasks may include:

  • Leading cyber system engineering teams
  • Perform requirements development and decomposition from an embedded cyber security perspective
  • Leading Assessment and Authorization (A&A) activities for DoD and commercial Avionics and Vehicle systems in accordance with Risk Management Framework and ICD-503 guidelines
  • Supporting offensive architecture analysis and design of defense-in-depth solutions
  • Developing and assessing system security plans including, security concepts of operation, risk management matrix, security control traceability matrix, security test procedures, and plan of action and milestones
  • Conducting and analyzing vulnerability assessments to validate system compliance with RMF controls and DISA Security Technical Information Guidelines (STIGS)
  • Analyzing static code scans and dynamic code scans to validate Application Security and Development STIG compliance
  • Leading and coordinating security test event teams to achieve accreditation milestones
  • Verifying and validating vulnerability resolutions and/or mitigations
  • Supporting proposal and cost estimate activities
This position may require business travel to customer locations in support of product development and systems integration and test (SEIT).

Typical Education & Experience
.

Required Skills and Education
Required Skills
  • US Citizenship and ability to be granted a security clearance by the Federal Government
  • Bachelor's, Master's, or PhD Degree in Computer Engineering, Electrical Engineering, Computer Science, or other related technical field
Preferred Skills and Education

Preferred Education and Experience
  • Bachelor's, Master's, or PhD Degree in Computer Engineering, Electrical Engineering, Computer Science or other related technical field
  • BS with 7+ Years of Experience, MS/PhD with 5+ Years' Experience
Experience in any the following areas are a plus
  • ISC2 CISSP or equivalent certification
  • Extensive experience with traditional A&A tools: ACAS Nessus, HBSS, Xacta, eMASS, SCAP Scanner, Fortify, WebInspect, STIG Viewer
  • Demonstrated expertise in national Cybersecurity policies, DoD or Intelligence Community A&A processes and procedures and industry best practices on complex systems
  • Expertise in vulnerability assessment, control allocation and risk mitigation
  • Understanding of offensive security tactics, techniques and procedures
  • Ability to negotiate effectively with higher level managers, functional managers, customers, industry partners, and teammates
  • Demonstrated leadership skills (supervisory experience, building teams, building customer relationships)
  • Ability to support proposal and cost activities
  • Strong interpersonal skills and the ability to effectively build and lead teams
  • Strong mentoring skills
  • Good planning and organizational skills
  • Strong oral and written communications skills
  • Other cyber certifications (ISSAP-CISSP, ISSEP-CISSP, CCSP, CEH, OSCP, etc.)
  • Experience with Cyber Failure Mode, Effects, and Criticality Analysis (FMECA)
  • Experience writing proposals with innovative cost effective solutions
  • Experience with offensive architecting, threat modeling and attack vector analysis
  • Experience with cloud and cross domain solution accreditations
  • Working knowledge of Earned Value Management System (EVMS) systems and Project management tools such as Cost Performance Index (CPI) and Integrated Master Schedule (IMS)
  • Cyber Security for Embedded Systems
  • Experience in a Safety Critical or Functional Safety Real Time Embedded Electronics Industry such as:
    • Aerospace, Military, Medical, Automotive, Industrial / Energy / Nuclear, Internet of Things (IoT)
  • Experience with Safety Critical or Functional Safety industry standards such as:
    • DO-178B, DO-178C, IEC 62304, IEC 62368, IEC 61508, ISO 26262
About BAE Systems Electronic Systems
BAE Systems Electronic Systems is the global innovator behind game-changing defense and commercial electronics. Exploiting every electron, we push the limits of what is possible, giving our customers the edge and our employees opportunities to change the world. Our products and capabilities can be found everywhere - from the depths of the ocean to the far reaches of space. At our core are more than 14,000 highly talented Electronic Systems employees with the brightest minds in the industry, we make an impact - for our customers and the communities we serve.


Back to top