המקום בו המומחים והחברות הטובות ביותר נפגשים
The
Advanced Cybersecurity Architect
Key Responsibilities:
Good understanding of Design Objectives DO-178B/C, DO-326A, DO-355, and DO-356A to support continuous Airworthiness of an aircraft from safety and security aspects.
Experience in Certifying and meeting the compliance for the Embedded products that run in an Aircraft cockpit with Certifying Authorities like FAA, and EASA.
Experience in driving secure architecture by design, security risk assessment, defense-in-depth approach, multilayer security controls, identifying the gaps, and defining the remediation approach by using the security controls during the risk assessment.
Experience in providing security architecture guidance and support to a large development organization to support security by design principles.
Good understanding of Cryptographic principles, Hashing, Certificate Management, Symmetric, and Asymmetric algorithms.
Drive
Support product security process activities including threat modeling, security requirements, security reviews, threat vulnerability assessments and risk management for Aerospace applications.
Must have product architecture and development background with Secure software development lifecycle experience.
Understanding of security by design principles and architecture level security concepts up to date knowledge of current and emerging security threats and techniques for exploiting security vulnerabilities
Have experience in developing, securing, and driving security requirements recommendations for, Embedded & IIOT based Avionics Products, on RTOS platforms such as VxWorks, Deos.,
Experience with securing Commercial Cloud, Hybrid and private cloud deployed applications, Containers, and VMs, through secure configurations and performing periodic security reviews.
Lead new initiatives that add value to SDL processes and procedures
YOU MUST HAVE:
Bachelor’s degree or equivalent work experience in Cyber Security or Information Technology
Strong interpersonal skills with the ability to facilitate diverse groups, help negotiate priorities, and resolve conflicts among stakeholders
6+ years Cyber Security or Information Technology experience
WE VALUE:
Understanding of Agile software development practices.
Understanding DevsecOps and have a good working understanding of tooling specific to CI/CD pipelines and security tooling.
Information Security accreditation (CISSP/CSSLP or other security related certifications)
Developing secure systems, web application penetration testing or application security consultant
Azure, AWS or GCP Security or Solutions Architecture certifications
Experience with widely used security tools like SD Elements, BlackDuck Hub, Microsoft Threat modeling tool, SAST (Coverity, SonarQube), DAST (Burp, ZAP, AppSpider), Fuzzing, Vulnerability management and continuous monitoring tools
Sound understanding of Cryptography, encryption algorithms, Public Key Infrastructure (PKI), Secure boot and Open-source risk management.
An effective communicator with excellent relationship management skills and strong analytical, leadership, decision-making, and problem-solving skills.
Additional Informationמשרות נוספות שיכולות לעניין אותך