United Technologies Corporation Principal Systems Engineer - Mission Systems Air Combat Training in Cedar Rapids, Iowa
Job ID: 01379162
City: Cedar Rapids
Country: United States
Category: Systems, Engineering
Job Type: Full Time
United States of America
HIA32: Cedar Rapids, IA 400 Collins Rd NE , Cedar Rapids, IA, 52498-0505 USA
"I feel the need...the need for speed!" If you like the movie "Top Gun", you will love the Test and Training Instrumentation Engineering Department. Are you ready to be a part of an exciting, dynamic team that is working together to perform Systems Engineering tasks and field a state-of-the-art military training system?
The T&TI Engineering Department develops state-of-the-art test and training range products for cryptographic, datalink, networking, and command and control applications. We specialize in the development of high quality, highly secure training solutions for the U.S. military, laying the foundation for Live Virtual Constructive (LVC) capabilities. T&TI Engineering is responsible for all product line and engineering tasks related to the design, analysis, test and certification of Air Combat Training systems, maturing products from concept phase through accreditation and factory production.
The Mission Systems Test and Training Instrumentation (T&TI) is seeking an experienced Cybersecurity Systems Engineer. The Cybersecurity Systems Engineer will evaluate and establish security strategy, identify and analyze security risk, develop and set security architecture and standards.
Execute and refine certification processes to assess the cybersecurity of existing products and services
Gain subject matter expertise in one or more of several Collins products and services
Lead or partner in Cybersecurity Integration Product Teams for product development and lifecycle management
Select mitigating security controls with consideration of utility and cost effectiveness
Work closely with services engineering to define a prioritized roadmap to reduce cybersecurity risk and participate in execution
Lead initial system/service design threat modeling, risk analysis, and documentation of cybersecurity requirements and controls
Work with internal stakeholders to respond to customer security questionnaires (pre and post-sales) and evaluate cybersecurity contractual agreements
Participate in audits conducted by customers or their designated third party
Create reports and briefings for both technical and executive staff to communicate changes to risk landscape and progress on remediation
Participate and develop proposals and bids in cybersecurity solutions in business development pursuits
Lead the selection of cybersecurity tools, services, and processes
Act as primary contributor in the creation of cybersecurity deliverables for system/services such as System Security Plans and Incident Response Plans
Become a recognized authority on the application of cybersecurity in one or more Collins markets, both internally and externally
Partner with peers, business leaders, product managers and the broader digital technology community, to architect for today, to re-imagine the future and to bridge from today to that future
Create and articulate future state architecture via a narrative document, complemented by a detailed strategy, which contains the relevant architecture & design artifacts enabling the business strategy and delivering value our customers will recognize
Collaborate with peers in security, solution, and technical architecture, with respect to the refinement & evolution of security architecture processes & practices, focused around Togaf and Zachman frameworks
Continuous "outside-in" scanning, so as to facilitate continuous learning, hands-on understanding, and adoption of Security Architecture industry standard methodologies & techniques
Capture customer’s use cases, security requirements and controls. Research vendors and technologies to meet those requirements, and score solutions to determine the optimal system outcome
Bridge the gap between customer cybersecurity certification interests and Collins engineering processes to ensure common understanding leading to a successful product solution
Assess and characterize security risk for currently implemented systems and systems to be built. Recommend security risk mitigations and set the risk appetite level for the enterprise
Stay abreast of industry trends and regulations affecting your business partners. Write and influence enterprise security policy
Perform system data categorization and apply security control frameworks corresponding to the required level of data sensitivity
Develop and maintain expertise in one or more cybersecurity certification and approval processes used by the U.S. military and/or foreign national defense organizations
Develop and train young engineering staff on cybersecurity trends, risks, and mitigations to improve their product development and implementation activities
This position requires a Bachelor’s degree in the appropriate discipline and 10 years of relevant experience or an Advanced degree in the appropriate discipline and 7 years of relevant experience. In the absence of a degree, 14 years of relevant experience is required
Multiple Technical certifications, such as Network+, Security+, CCNA Security, CCNP Security, CISA, CISSP, GIAC or other relevant cybersecurity certifications (SANS, EC-Council, etc.)
Demonstrated strong verbal and written communication skills
Excellent presentation skills with the ability to present to a variety of audiences
Broad knowledge of cybersecurity with expertise in at least three domains such as network security, host security, secure system/software development lifecycle, monitoring, etc.
Knowledge of or experience with major security frameworks (e.g. NIST Cybersecurity Framework, ISO/IEC 27001:2013, PCI DSS)
Proven track record as a Security Architect or Technical Lead, crafting new solutions and delivering business outcomes
A minimum of three years experience in Cybersecurity related field
Experience in Cybersecurity product development or Systems Security Engineering
Experience in DoD Risk Management Framework (RMF) Assessment & Authorization (A&A) process
Experience in NSA certifications (e.g. Type-1, Cross Domain Solutions)
Expertise in identification and application of DISA STIGs
Expertise in cybersecurity compliance and vulnerability scanning (e.g. SCAP, ACAS, Penetration Testing)
Familiarity with security control frameworks such as the CIS Critical Security Controls, ISO 27001, FIPS 140-2/3, NIST SP 800-171, and NIST SP 800-53
Desire/ability to learn and implement new technologies
Experience with Agile development methodology
Experience in all aspects of Architecture Design
Certifications such as CISSP
DoD Security Clearance or the ability to obtain a clearance
United Technologies Corporation is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.
Click on this link to read the Policy and Terms
United Technologies Corporation is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age, or any other federally protected class.
Thank you for your interest in a career at United Technologies! We will soon upgrade to an improved job application system to simplify the apply experience. You will still be able to apply to any of our current job openings through December 18, 2018. On January 2, 2019, our new and improved job application system will launch; please check back on that date to see all of our job openings.