Principal Cyber Security Engineer Cubic Corporation
San Diego, CA

Job Description

Business Unit:

Cubic Global DefenseCompany Details:

Cubic offers an opportunity to provide innovative technology for government and commercial customers around the globe, helping to solve their future problems today. We're the leading integrator of payment and information technology and services for intelligent travel solutions worldwide, and the leading provider of realistic combat training systems, secure communications and networking and highly specialized support services for military and security forces of the U.S. and allied nations. If you have an entrepreneurial spirit and thrive in an innovative environment, we want to talk to you about your next role at Cubic! We are seeking employees inspired by technology, and motivated by the rewards of hard work, commitment, teamwork, quality, integrity, and respect. We invite you to explore opportunities with Cubic.Job Details:

Job Summary:

This is an Evergreen Requirement used to target candidates for future needs as Cubic wins new business.

The primary function of this role is to lead the implementation of security solutions, including the ongoing assessment and tracking of adherence to required security guidelines across the business unit. The Principal Cyber Security Engineer works both independently and collaboratively with developers, project managers, project engineers, systems engineers, and software engineers. The primary responsibility for this individual will be the day to day activities/tasks associated with implementing cyber security requirements as it applies to the development and employment of a wide range of products. This includes ensuring adherence to secure development practices during the product life-cycle of software and hardware. This position typically works under limited supervision and direction. Incumbents of this position will regularly exercise discretionary and substantial decision-making authority.

Essential Job Duties and Responsibilities:

* Ensure product development produces all required deliverables of the product lifecycle including training records, threat/risk assessments, cyber requirements, cyber design speciation, secure code reviews, vulnerability reports, test certification report, deployment guides, and completed deployment checklists.
* Administer computing devices/systems that enforce security policies and audit controls in Windows, Linux and Cisco environments
* Orchestrate external audits, penetration tests and vulnerability assessments
* Participate in the application of fixes, patches and disaster recovery procedures in the event of a security breach
* Track, assess, and validate Information Assurance Vulnerability Management (IAVMs), Secure Technical Information Guidelines (STIGs), and new policies as necessary
* Support the interpretation of policies, standards, laws, and regulations regarding technical aspects with respect to Information Security
* Support requirements to accredit DoD Information Technology and Platform Systems
* Resolve problems with minimal interaction from senior engineers and understand escalation procedure
* Participate in continuous process improvement efforts
* Conduct security risk assessments, support periodic government driven reviews, and IA workshops
* Familiarity with the Risk Management Framework (RMF)
* Ability to work with tools such as SD Elements, DOORS, Jira, static code analysis tools, and SonarQube
* Must be able to perform hands-on support for a wide range of security technologies including, but not limited to: SEIM, IDS/IPS, HIDS, malware analysis and protection, content filtering, logical access controls, identity and access management, data loss prevention, content filtering technologies, application firewalls, vulnerability scanners, LDAP, forensics software and security incident response

Minimum Job Requirements:

THIS IS A CLEARED SITE, applicants must hold U.S. Citizenship. The applicant must have a four year college degree in Computer Science or related field plus a minimum of eight years of related experience including four years in cyber security. Must have experience working with compliance and regulatory program requirements. Incumbent must have experience analyzing network, event and security logs, and/or IDS alert logs. Incumbent will have proven organizational skills, specifically managing multiple tasks. Excellent analytical, problem solving and decision making skills, applied with a solution-focused attitude are required. Excellent written communication skills, demonstrating the ability to write with purpose, clarity, and accuracy are expected. Strong self-directed work habits, exhibiting initiative, drive, creativity, maturity, self-assurance and professionalism are required. Incumbent must have excellent teamwork skills. Must have one or more of the following licenses or certificates: CISSP, CISA, CEH, CSSLP, CHFI, CCSP, GCIH, GCIA, PMP, ITIL v3, CompTIA Security +. Experience with DoD programs a plus.

The description provided above is not intended to be an exhaustive list of all job duties, responsibilities and requirements. Duties, responsibilities and requirements may change over time and according to business need.

Worker Type:

Employee