Sr. Security Engineer
Supernal is at the forefront of creating emerging mobility solutions that will foster the development of human-centered cities. We are designing a completely new electric vertical take-off and landing (eVTOL) aircraft tailored to the mobility needs of future cities. This allows passengers a seamless intermodal journey that safely transports them to their final destination. We fuse research in autonomy, robotics, aviation and services to define a new category of mobility for the world’s communities. We believe in creative thinking and collaboration to help build a better mobility experience for everyone, improving people’s ability to move – whether for work or play.
What we do:
The Sr. Security Engineer should have a strong background in security of cyber-physical products and will drive product cyber process, define and implement policy, build security architecture, monitor implementation including vehicle and ground systems and connectivity of them as well as with other systems. This person will serve as a problem-solver, exhibits a can-do attitude and approaches their work with passion and determination. This role will work closely with engineering team members, colleagues from other organizations, customers, and contractors to support the overall success of the company.
What you can do:
- Create detailed cyber security policies as needed
- Provide product security related certification support
- Build and implement product cybersecurity solutions for both ground and vehicle systems
- Drive articulation and alignment of product security strategy and collaboration with other organizations
- Provide direction and advice on emerging threats, vulnerabilities, and security practices
- Partner with architects to define robust security architecture for embedded and IMA avionics components
- Coordinate with software developers and DevOps to efficiently implement all security measures and promote guidelines on standard security methodologies during software/sophisticated electronic hardware development
What you can contribute:
- Bachelor's Degree in Computer Engineering, Electrical Engineering, or equivalent fields
- 5+ years of prior experience working as a cyber security architect or tech lead, hands on experience on embedded system cyber security for automotive or aerospace products, as well as cloud cyber security (an equivalent combination of education and experience may be considered)
- Experience in architectural definition of robust security solutions using all possible technologies including access control, encryption, key and certificates management, firewall, VPN, etc.
- Experience working in hybrid-cloud environment, using leading public cloud services. Familiar with VM, containers, and Sql or NoSql Databases
- Experienced with RTCA DO-326A aerospace cyber security standard and implementation
- Solid understanding of embedded Linux security, such as Public Key Infrastructure (PKI) mechanisms and protection
- Deep understanding of security vulnerabilities and attacks and the ability to mitigate and resolve them
- Ability to use OWASP tools to coordinate penetration testing
- Hold security-related certifications such as Certified Information Systems Security Professional (CISSP), AWS Certified Solutions Architect, Azure security certification, etc
- Detailed knowledge of cloud services and distributed system architectures
- Understanding of airborne systems engineering and/or aircraft development process in different phases of the system life cycle: requirements management, functional decomposition, development of ICDs system architecture definition, integration, and system validation/verification
- Experience working with government regulatory agencies
- Excellent verbal and written communication skills
- Excellent organizational skills and attention to detail
- Able to work well both individually and in a team environment.
- Proclivity to independently prioritize and accomplish work efficiently within time constraints
- Self-motivated and a forward-thinking personality
You may also be able to contribute:
- Advanced degree in Cyber Security preferred
- Prior working experience as a Site Reliability Engineer (SRE) or in DevOps is a plus.
Any offer of employment is conditioned upon the successful completion of a background check. We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, citizenship, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status. Individuals with disabilities may request to be provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation at: email@example.com
The job responsibilities of this position require access to certain technology and/or software source code subject to U.S. export control laws and certain software that can only be used and accessed by U.S. Persons. Accordingly, this position is limited to applicants that are US Persons, i.e., U.S. citizens, lawful permanent residents as defined by 8 U.S.C. 1101(a)(20),or protected individuals as defined by 8 U.S.C. 1324b(a)(3).