Sr. Embedded Software Security Engineer

at  BAE Systems

JOB DESCRIPTION

Bring your Embedded Software and Security Engineering talent to perform software development activities such as architecting, designing and implementing software product security features, performing product security integration, and supporting validation for complex embedded control systems.

OUR MISSION:

At Electronic Systems, we’re passionate about creating solutions that transport millions of passengers every day. Whether it’s a bus ride or a flight, our commercial electronic systems help people get where they need to go. We’re committed to innovation, safety, and customer satisfaction, and we’re looking for talented individuals like you to join our team.

REQUIRED EDUCATION, EXPERIENCE, & SKILLS

• Bachelor‘s degree in Computer Science, Software Engineering, Electrical Engineering or related field with strong embedded software development background.
• 5+ years of experience in embedded controls development with at least 3 years implementing and testing cybersecurity features.
• Experience in full software lifecycle including requirements, design, coding, integration and verification.
• Experience integrating on real-time, safety-critical electronic control systems that include hardware, software and programmable logic devices.
• Experience with implementing cybersecurity capabilities leveraging features/components including any of the following; secure boot, cryptographic accelerators, Trusted Execution Environments (TEEs), Trusted Platform Modules (TPMs) or Hardware Security Modules (HSMs).
• Understanding of purpose and usage of; cryptographic objects: Keys, Certs, CRLs; algorithms: SHA, AES, RSA, ECC, HMAC, GMAC, etc., and protocols: TLS/DTLS, IPSec, etc.
• Solid knowledge and hands-on experience with C/C++, Python and assembly language programming
• Experience performing static/dynamic code analysis.Technical writing skills: capable of creating required engineering documentation.

PREFERRED EDUCATION, EXPERIENCE, & SKILLS

• Master’s Degree in related engineering field
• 5+ years of experience in avionics or electronic controls embedded development, including familiarity with systems such as flight controls, engine controls or mission systems, with at least 3 years of product security experience.
• CSSLP certification or equivalent certification
• Experience applying any of the following security processes; DoD Risk Management Framework (RMF), DO-326A Airworthiness Security Process Specification or ISO-21434 Road Vehicle Security.
• Experience with MITRE’s CVEs, CWEs, CAPEC and ATT&CK.
• Experience with Multi-core and ARM processing hardware.
• Experience with safety critical development guidelines including ARP4754, DO-178B/C, DO-254, ISO-26262 or equivalent safety process requirements.
• Demonstrated experience providing technical leadership
• Team player with a proactive attitude and the ability to be productive in a dynamic/collaborative environment
• Strong oral and written communications skills
• Motivated self-starter with good problem solving skills, judgment, and analytical capability, with good planning and organizational skills

• Architecting software cybersecurity features into a real-time safety critical embedded control system.
• Implementing cybersecurity features in software interfacing directly with hardware components as part of a cybersecurity board support package.
• Implementing cybersecurity features in software at an application level including protection of data at rest and in transit.
• Integrating cybersecurity features with existing software product code bases.
• Applying cybersecurity standards, guidelines and best practices for the development of cybersecurity software.

What We Offer:

• A dynamic and collaborative work environment
• Opportunities to work on cutting-edge projects that make a real difference
• Professional development opportunities to help you grow your skills and career
• A competitive salary and benefits package

• A culture of innovation, inclusivity, and respectHybrid work schedule where you balance your work on site and remote