Software Security Lead - Senior Principal Software Engineer - S3E

About The Position

Requirements

• Bachelor’s degree in Science, Technology, Engineering or Mathematics (STEM) and 10 years of related experience
• Experience in object-oriented software design and embedded development using languages such as C and or C++
• Experience with Xilinx UltaScale+ MPSoC, Versal, or similar Embedded Processors
• Experience with embedded OS like VxWorks, Embedded Linux, or similar
• Embedded Software Security and Cryptographic Algorithm experience
• Experience with Secure Boot concepts
• Understanding of secure coding principles, architecture and implementation of secure coding best practices
• The ability to obtain and maintain a US security clearance. U.S. citizenship is required as only U.S. citizens are eligible for a security clearance

Nice To Haves

• Experience with validation and verification of software applications
• Experience/Knowledge of any of the following: Linux/Unix environment
• Interfacing with FPGAs
• Interfacing with low-level memory drivers
• Inter-processor communication
• ARM Architecture
• Experience designing, implementing, testing, or fielding real-time security-oriented solutions on Department of Defense (DoD) programs (embedded experience highly preferred)
• Experience using security-relevant tools and devices for security auditing, network security, host/server security, communication security, or policy management
• Experience in Agile and DevSecOps environments
• Experience in an Agile/Scrum/Kanban frameworks and development environments
• Experience using software configuration management and bug tracking tools
• Experience with Python / Perl
• Knowledge of modern computer architecture and hardware technologies including: PCIe, GPIO, I2C, SATA
• Field Programmable Gate Arrays (FPGAs)
• Application-Specific Integrated Circuits (ASICs)

Responsibilities

• Act as the Technical Lead and possibly the Agile Product owner for the Software Security Team
• Primary owner of the software security implementation to ensure compliance with System Security requirements
• Adopt and implement secure coding standards for each programming language used
• Drive off-nominal testing by ensuring the software will remain in a secure state during failure conditions and developing negative test cases for bypassing security
• Consider using compiler, interpreter and build tool features that improve executable security and ensure the compiler does not optimize out any security-critical behaviors
• Provide the software assurance implementation for the Program Protection Implementation Plan (PPIP), including a software vulnerability risk assessment on reused code and the final delivery, and a Software Bill of Materials (SBOM) on the final delivery, partnered with the Systems Security Lead
• Applying secure coding principles to the design and development of hardened software applications

Benefits

• medical
• dental
• vision
• life insurance
• short-term disability
• long-term disability
• 401(k) match
• flexible spending accounts
• flexible work schedules
• employee assistance program
• Employee Scholar Program
• parental leave
• paid time off
• holidays