Apply Now

Senior Principal Cyber Engineer

Rome, NY, USA | BAE Systems

  • Industry:
    Airlines/Aviation/Aerospace
  • Position Type:
    Full-Time
  • Functions:
    IT / Information Technology
  • Experience:
    7-10 years
Job Description:
92 people have viewed this job

The GXP and AGS teams develop innovative sensor data processing and analytics software products and services. Our team has grown significantly since 2002, increasing revenue by 10x and greatly increasing the size of the team. We have facilities in San Diego California, Rome New York, and Durham North Carolina.


The Engineering Support team for AGS is responsible for a number of common resources and capabilities that a member of the team is expecting to often support. This requires a candidate to be flexible, a superior problem solver; enjoy learning, creating, and implementing new technology and processes.


The Engineering Support team is specifically responsible for the following areas in AGS


Enterprise Engineering DevOps


Cloud Engineering DevOps and DevSecOps


AppSec


Modeling and Simulation


A candidate will be supporting our cloud dev operations by helping to roll out security changes via configuration, scripting, or AWS service. Additionally they will take part in penetration testing events.


A candidate can grow with their interests into other areas of the Engineering Support team or development.


A successful candidate must demonstrate:


An education background in software, computer engineering, or IT


An understanding of how to provide security solutions that balance security and efficient development


An understanding of how to move between technologies and scripting languages as well as learn new ones with ease


A desire to work with, communicate, and assist developers and IT professionals


Enjoy urgency and change


An understanding of how to be a hero to your customers (Dev) by working with them to help them be more efficient and by describing (passively training) them on vulnerabilities and real world examples.


Please note that pursuant to a government contract, this specific position requires US citizenship status


Typical Education & Experience


Typically a Bachelor's Degree and 8 years work experience or equivalent experience


Required Skills and Education


8 Years Experience with software development, computer management, network and computer security, application pen testing


Highly motivated and able to work well in both team and solo settings.


Familiar with common classes of software vulnerabilities / security bugs and how they are exploited, including both web-based attacks (injections, traversals, deserializations), and memory corruption attacks (BO, Heap exploitation).


Able to work under consultative direction toward long-range goals and objectives.


Experience developing solutions to problems of unusual complexity that require a high degree of ingenuity, creativity and innovativeness.


Able to face problems that are unique in the organization, and find solutions that may serve as precedent for future decisions.


Familiarity with NIST Special Publication 800-53


Excellent communication and interpersonal skills, and willingness to mentor other developers in secure software practices.


Humility, empathy, patience, a desire to learn, and help teammates learn.


US Citizenship


Bachelor's Degree in a computer related field


Preferred Skills and Education


Experience with Cloud Providers such as AWS or Azure


Familiarity with managing both Windows and Linux


Experience with cloud automation via configuration such as cloud formation or Terraform


Experience with scripting or programming languages and automation


Experience with asset and user management of a computer network


BS and 8 years, or MS and 6 years of professional engineering experience in Software or Systems Engineering


CISSP, CSSLP, or OSCP certified (or better: OSCE, OSEE)


Experience with Federal cybersecurity accreditation processes and standards (DIACAP, RMF, CJIS, etc)


Experience creating security accreditation packages


Experience designing and implementing secure cloud environments (AWS)


Experience designing, documenting, and implementing multi-faceted security solutions that include technological, administrative, and procedural controls.


Pen testing experience and experience leading or coordinating a team of pen testers.


Bug hunting / Bug bounty experience; experience discovering and validating security bugs and developing proof-of-concept software exploits against a single application. Multi-system web application bug hunting experience is a plus.


Other companies hiring with Ivy Exec

 Company Logos