Systems Security Engineer
Santa Barbara, CA- (paid relocation)
Full Time
Salary +Benefits
U.S. Citizens and those authorized to work in the U.S. are encouraged to apply. We are unable to sponsor currently
Responsibility: - Design, develop, implement, and monitor an auditable set of life cycle processes to assess, document, any/all cyber security requirements for software/embedded systems within Moog products
- Vulnerability Analysis to identify and document potential cyber vulnerabilities including logic/coding flaws, inter-device communication weaknesses, and potential hidden or "backdoor entry points
- Gather and organize technical information from customer requirements/needs regarding cyber security including the products' mission, goals, and needs
- Perform risk assessment and analysis of embedded systems/applications within Moog products from concept through product end-of-life
- Identify current and emerging embedded system products technology issues, including security trends, vulnerabilities, and threats
- Pro-actively identify, recommend, and implement new cyber security solutions and strategies to resolve/mitigate any cyber security issues and protect Moog's embedded systems products
Mandatory skills - Demonstrated working experience/skill in critical thinking and real-time problem solving
- Minimum 5 years of experience developing secure embedded code within a structured system development life cycle (SDLC)
- Coding skills/Environments: Linux, RTOS, C, C++, Java
- Experience with vulnerability assessment tools such as Coverity, Client Fortify, Veracode, Black Duck, etc.
- Strong awareness of cybersecurity trends and hacking techniques
- Thorough understanding of the latest security principles, techniques, and
- Experience with network security, networking technologies, and network monitoring tools
- Knowledge of networking protocols, such as TCP/IP
- Experience with device communication protocols such as I2C, SPI, 1553, CANBus, etc., is desirable
- Industry Certification(s) desirable, i.e., Certified Secure Software Lifecycle Professional, Certified Information Systems Security Professional, Global Information Assurance Cert., Certified Ethical Hacker, Certified Information Security Manager (CSSLP, CISSP, GICSP, GSEC, CEH or CISM)
- Ability to access US export-controlled documentation