Security Engineer

job summary:

• Leads activities to develop, document and maintain architectures, requirements, algorithms, interfaces and designs for software systems.
• Leads development of code and integration of complex software components into a fully functional software system.
• Develops software verification plans, test procedures and test environments, executing the test procedures and documenting test results to ensure software system requirements are met.
• Provides technical leadership for software projects and leads software supplier management activities.
• Leads development, selection, tailoring and deployment of processes, tools and metrics.
• Plans, executs and documents software research and development projects.
• Serves as a subject matter expert for software domains, system-specific issues, processes and regulations.
• Tracks and evaluates software team and supplier performance to ensure product and process conformance to project plans and industry standards.
• Works under minimal direction.

• Create security scripts in Bash or Python.
• Author testing procedures that verify the configuration of the information system.
• Executing, analyze and assess the results from vulnerability, integrity and malware scans.
• Create security documentation that is assessed by NASA Security and Quality Assurance.
• Investigate security incidents and evaluate mitigations and remediation to prevent reoccurrence.
• Perform security control risk assessments.
• Creates and makes presentations to other security professionals, to stakeholders, to management, to NASA representatives and to other interested parties.
• Conducts security scans at the Titusville, Florida location.
• Applies an interdisciplinary, collaborative approach to plan, design, develop and verify basic lifecycle balanced system of systems and system solutions with an emphasis on network, hardware and software security.
• Evaluates customer/operational needs to define system performance requirements, technical parameter integration and compatibility of all physical, functional and program interfaces from a security perspective.
• Performs security analyses that provide safety, reliability, regulatory, certification, maintainability, testability, automation, human systems integration, vulnerability, and system security quality factors to ensure mission success.
• Supports the planning, organization, implementation and monitoring of requirements management processes, tools, risks, issues, opportunity management and technology readiness assessment processes with an emphasis on security.

• Experience in NIST security standards and regulations
• Experience with NASA security standards, specifications and procedures
• CISSP, CEH, or Security+ certifications
• Experience in hardware integration, primarily COTS-based and including a mix of real-time computing and I/O as well as other components
• Experience in command and control system distributed computer networking
• Experience in software development, primarily in C
• Experience with Python programming
• Experience in Ethernet TCP/IP, UDP, RS422, 1553, SCPI
• Experience in Programmable Logic Controllers and ladder logic
• Experience in the AGILE software development methodology
• Experience with project management tools (JIRA) and development tools (BitBucket)
• Experience in Test Automation tools and languages
• Experience with Engineering and Change Processes

• Bachelor of Science degree or higher in engineering, computer science, mathematics, physics or chemistry from an ABET Accredited school.
• Certifications (not required but would be a plus):
• SECURITY+
• CISSP
• CES

• Create security scripts in Bash or Python.
• Author testing procedures that verify the configuration of the information system.
• Executing, analyze and assess the results from vulnerability, integrity and malware scans.
• Create security documentation that is assessed by NASA Security and Quality Assurance.
• Investigate security incidents and evaluate mitigations and remediation to prevent reoccurrence.
• Perform security control risk assessments.
• Creates and makes presentations to other security professionals, to stakeholders, to management, to NASA representatives and to other interested parties.
• Conducts security scans at the Titusville, Florida location.
• Applies an interdisciplinary, collaborative approach to plan, design, develop and verify basic lifecycle balanced system of systems and system solutions with an emphasis on network, hardware and software security.
• Evaluates customer/operational needs to define system performance requirements, technical parameter integration and compatibility of all physical, functional and program interfaces from a security perspective.
• Performs security analyses that provide safety, reliability, regulatory, certification, maintainability, testability, automation, human systems integration, vulnerability, and system security quality factors to ensure mission success.
• Supports the planning, organization, implementation and monitoring of requirements management processes, tools, risks, issues, opportunity management and technology readiness assessment processes with an emphasis on security.

• Experience level: Experienced
• Minimum 5 years of experience
• Education: Bachelors