Sr Systems Security Engineer

Sierra Nevada Corporation•Englewood, CO

1d•Hybrid

About The Position

The ISR (Intelligence, Surveillance & Reconnaissance), Aviation, and Security (IAS) business area is a leader in ISR and aviation, it is a leading prime manned and unmanned aircraft systems integrator for innovative, high-performance ISR and aviation systems. Its end-to-end Command, Control, Computers, Communications and Intelligence, Surveillance & Reconnaissance (C4ISR) capabilities encompass design, integration, test, certification, ground/flight training and complete logistics support. IAS tailors solutions to customer cost, performance, and schedule requirements and designs to consistently exceed expectations – with an unrivaled record of on time and on (or under) budget deliveries. SNC has led thoughtful and disruptive change in the aerospace and defense industry for the past 60 years and now, we’re applying this tenacity and expertise to the U.S. Air Force’s (USAF) Survivable Airborne Operations Center (SAOC) mission. Join the SNC-led SAOC team and be a part of exciting and meaningful work to modernize and deliver the next-generation SAOC aircraft trusted by the President, Secretary of Defense and Chairs of the Joint Chiefs of Staff to ensure continued critical command, control and communication during national emergencies. If you’re passionate about building the airborne command post of the future, consider SNC for your next mission. Learn more about NC3 and SAOC here . We are looking for a dedicated DevSecOps Engineer to join our team and play a key role in integrating development, security, and operations to enhance our end-to-end system security. In this position, you will be responsible for designing and implementing scalable, functional, and secure systems, while continuously improving the security posture of both our development and production environments. You will work closely with both development and operations teams to ensure security best practices are embedded throughout the software lifecycle. The ideal candidate will have a strong DevOps background with a deep emphasis on security, strong analytical skills, and a passion for solving complex IT and security challenges. As a Senior Systems Security Engineer, you will lead the design and deployment of our security infrastructure, manage complex security projects, set strategic direction for security practices, and mentor junior engineers. If you thrive in a collaborative environment and are committed to advancing security in every phase of the development process, we encourage you to apply.

Requirements

Bachelor's degree in Systems Security, Network Engineering, Information Technology, or related Engineering discipline.
8+ years of experience in IT security or a related field.
Relevant experience can be considered as a substitute for the required educational qualifications. In the absence of a degree, a minimum of 12 years of related experience is required.
Certified Information Systems Security Professional (CISSP) is required.
Higher level relevant degree may substitute for experience.
Expert understanding of cybersecurity principles and practices.
Experience with security frameworks and standards such as National Institute of Standards and Technology (NIST), ISO 27001.
Proven work experience as a DevSecOps Engineer or similar role in development, operations, and security.
Knowledge of cloud technologies and architectures (Azure / AWS).
Experience in secure coding practices and automating security testing tools.
Proficient with containerization technologies like Docker and orchestration tools like Kubernetes.
Experience with automation scripts and configuration management tools.
Excellent communication skills with the ability to explain complex security topics in an understandable manner.
Ability to obtain/maintain a Top Secret U.S. Security Clearance is required.
U.S. Citizenship status is required as this position needs an active U.S. Security Clearance for employment.
Non-U.S. Citizens may not be eligible to obtain a security clearance.

Nice To Haves

Information Systems Security Engineer Professional (ISSEP), Certified Authorization Professional (CAP), or Certified Information Security Manager (CISM) Certification.
Security+, Certified Information Systems Auditor (CISA), or CompTIA Advanced Security Practitioner (CASP+) Certification.
Microsoft Certified Solutions Expert (MCSE) or Linux.
Experience in the aerospace or defense industry.

Responsibilities

Design and implement secure automation solutions for development, testing, and production environments.
Manage and maintain infrastructure security and monitoring systems.
Develop and maintain CI/CD pipelines across multiple environments.
Understand and remediate system vulnerabilities and security issues.
Collaborate with team members to improve the company’s engineering tools, systems, procedures, and data security.
Create and maintain security-related documentation.
Stay current with security industry trends, including emerging threats and security solutions.
Support incident response and problem management teams by providing containment actions and incident analysis.
Developing strategies for security and scalability.