PAC Panasonic Avionics Corporation
Manager, Cybersecurity
PAC Panasonic Avionics Corporation, Irvine, California, United States, 92713
Overview:
Manager, Cybersecurity Responsibilities: Our new global headquarters is conveniently located in Irvine, CA near John Wayne Airport in the Park Place development. For our onsite and hybrid employees you will be able to enjoy amenities such as access to many restaurants and shops, running trails, a fitness deck, outdoor seating, dry cleaning, car wash, free garage parking, car charging stations, shuttle service for train commuters, outdoor games like bocce, horseshoes, gaming tables, pickle ball, and basketball. For more information on Park Place visit parkplaceirvine.com. Who We Are: Ever wonder who brings the entertainment to your flights? Panasonic Avionics Corporation is #1 in the industry for delivering inflight products such as movies, games, WiFi, and now Bluetooth headphone connectivity! How exciting would it be to be a part of the innovation that goes into creating technology that delights millions of people in an industry thats here to stay! With our companys history spanning over 40 years, you will have stability, career growth opportunities, and will work with the brightest minds in the industry. And we are committed to a diverse and inclusive culture that will help our organization thrive! We seek diversity in many areas such as background, culture, gender, ways of thinking, skills and more. If you want to learn more about us visit us at www.panasonic.aero. And for a full listing of open job opportunities go to www.panasonic.aero/join-us/. The Position:
JOB SUMMARY Manages the overall security of PACs IFEC products and services in accordance with aviation-specific security standards and best practices. Responsible for securing and testing PAC products that are integrated into ground and aircraft networks. Provides strategic and tactical guidance to business decision-makers in identifying and mitigating security vulnerabilities. Responsible for identifying, evaluating, and reporting on security risks in a manner that meets or exceeds compliance and regulatory requirements. Oversee security testing activities and be the primary resource responsible for ensuring application security testing is conducted according to industry best practices. MAJOR RESPONSIBILITIES Product Security Works closely with the Product Engineering team to review technical documents for products or software solutions to ensure security is integrated into the PAC products. Review technical designs and ensure alignment with Aviation Industry Security Standards and technical bulletins. Manages the ongoing vulnerability, scanning, and assessment process and partners with other IT teams to resolve vulnerabilities in a timely manner to maintain compliance. Manages team of Product Security Engineers tasked with management of security tools, systems and processes including - Logging / PKI certificate management / airside system and network security / vulnerability assessment / regulatory compliance. Technical expertise within Product Security who represents Panasonic Avionics Corporation in technical discussions with our airline customers or OEM manufacturers Reduce regulatory compliance risk due to the inability to demonstrate compliance with various security controls for ISO27001:2022 certifications and OEM security audits Key participant in the Aviation ISAC to manage and remediate cyber risk through threat intelligence sharing and best practices. Maintain and coordinate PKI certification operations and HSM signing services to support PAC business operations. Product Security Operations Responsible for aircraft security log implementation and log collection to support PACs airline customers security monitoring programs. Lead product securitys vulnerability management and penetration testing programs to support aircraft hardware and software. Participate in OEM product security audits and remediate security findings to support OEM security standards and provide technical guidance to various business units. Troubleshoot security event logging technology and input into log correlation architecture Develop enabling anomaly detection technology requirements and drive successful implementation for PAC products in the aircraft to improve security posture and assurance. Use the integrated information to detect and respond to system attacks Maintain an understanding of the current vulnerabilities, response, and mitigation strategies used in security operations Coordinate with SWE and Product Engineer Management to resolve Product security design defects or vulnerabilities that are identified in aircraft hardware and software Lead PCI-SSF Payment application recertification for Panasonic Avionics payment applications Provide the metrics and reporting framework to measure the efficiency and effectiveness of the security programs, facilitate appropriate resource allocation, and increase the maturity of the information security. Incident Response Experience in information security incident response and operational management Monitor the external threat environment for emerging threats, and advise relevant stakeholders on the appropriate courses of action Analyze and report cyber threats as well as assist in deterring, identifying, monitoring, investigating and analyzing computer network intrusions Coordinate the development of implementation of incident response plans and procedures to ensure that business-critical services are recovered in the event of a security event; provide direction, support and in-house consulting in these areas Test incident response capabilities
The salary or hourly wage range of $131,000 $220,000 is just one component of Panasonics total package. The final offer amount may vary based on factors including but not limited to individuals knowledge, skills, experience, and location. In addition, this role may be eligible for discretionary bonuses and incentives. The minimum hourly wage for this role will be the greater of the posted range, or minimum wage for the location where the employee will be working, subject to local minimum wage requirements. What Were Looking For:
KNOWLEDGE/SKILL REQUIREMENTS Articulate with strong verbal and written communication skills; interpersonal and collaborative skills; and the ability to communicate security and risk-related concepts to technical and non-technical audiences. Must be a critical thinker with strong problem-solving skills. Lead OEM Audits and ensure that PACs cybersecurity program aligns with aviation industry standards and best practices. Ability to lead and motivate cross-functional, interdisciplinary teams to achieve tactical and strategic goals. Knowledge of security and control frameworks such as those defined by NIST, PCI-DSS, and OEM security standards. Deep understanding of security architecture and engineering discipline, processes, concepts and best practices. High degree of initiative, dependability and ability to work both collaboratively and independently. Works with other Executives and Senior Managers to establish strategic plans and objectives. Makes final decisions on administrative or operational matters and ensures operational goal achievement. Works on complex issues where analysis of situations or data requires an in-depth knowledge of the company. Participates in corporate development of methods, techniques and evaluation criteria for projects, programs, and people. Deep understanding of cryptography, authentication, authorization, network security protocols, and product security implementation. EDUCATION/EXPERIENCE REQUIREMENTS Bachelors degree in Information Systems or related field. (Masters degree a plus) Industry certifications such as CISSP, CCSP, CISM, GCIH, GSEC or equivalent experience Hold a current penetration testing certification such as GPEN, CEH, and/or OSCP 5 years of related work experience with product security, secure software development, risk assessment, or vulnerability management Experience with large security control testing programs and/or security projects, e.g. product hardware control testing, product software testing, and security implementation of products with aircraft. Prior experience with information security frameworks, secure network architecture and design, cloud computing, and secure application architecture/design preferred. Knowledge of applicable industry standards, leading security practices, and regulatory requirements Demonstrated acumen in the security protection of IT systems and processes. Maintains network service operational resiliency by risk-based assessments and architectural alignment. Creates awareness of emerging vulnerabilities, develops remediation plans and ensures effective communication of any impact to company products and services. Remain current on constantly emerging Cybersecurity threats to ensure continual protection of assets and company/customer information. Full management authority concerning staffing, performance appraisals, promotions, salary recommendations, performance management and terminations. Collaborate with key subject matter experts, both internal and external to analyze and assess the current and future threat landscape. Develop and continuously improve a comprehensive security program that addresses identified risks. Our Principles:
Contribution to Society | Fairness & Honesty | Cooperation & Team Spirit | Untiring Effort for Improvement | Courtesy & Humility | Adaptability | Gratitude
What We Offer:
At Panasonic Avionics Corporation we realize the most important aspects in leading our industry are the bright minds behind everything we do. We are proud to offer our employees a highly competitive, comprehensive, and flexible benefits program.
Paid time off: Exempt Salaried employees receive flexible paid time off. This means that there is no fixed number, range, or limit to the amount of Personal and Vacation Days that may be taken for exempt employees. Non-exempt hourly employees accrue 14 vacation days per year + 7 sick days + 3 personal days. Accrual rate increases with tenure. All employees receive 11 company paid holidays per year. We also close our offices at the corporate level in the U.S. between Christmas and New Year. For operational positions that are expected to work on holidays, we provide additional compensation for hours worked.
Health Insurance: Medical insurance offerings from Aetna and Kaiser (CA &HI). Options for Employee Only, Employee + Spouse/Domestic Partner, Employee + Children, or Family. Dental PPO and DMO options & Vision insurance through EyeMed or VSP.
401K with 50% match on up to 8% contribution, full vested from day 1.
Washington residents only are eligible for: Washingtons Family and Medical Leave program and Washingtons Paid Sick Leave program.
Other offerings include: Wellness Program, Counseling services, FSA & HSA, Life Insurance for employee, spouse and child, AD&D Insurance, Long-term and Short-term disability, Critical Illness Insurance, Accident Insurance, Legal Assistance, Pet Insurance, Identity Theft Protection, Dependent Care FLSA, Education Assistance, Commuter Program, Employee Purchase Program, Service Award Program. All applicants are subject to Company policies, third party customer and worksite requirements, and government requirements, regarding vaccination and/or testing for COVID-19. Where permitted by applicable law, applicants may be required to be fully vaccinated with an authorized COVID-19 vaccine as a condition of employment, unless they are eligible for and obtain an exemption based on a reasonable accommodation because of a disability or a sincerely held religious belief, practice, or observance. While the Company strongly encourages COVID-19 vaccinations, it may require vaccination and/or testing for positions in which third party customer, worksite, or government requirements apply, in accordance with applicable law. At those locations where requirements apply, exemptions will be considered based on applicable law.
Panasonic is proud to be an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, national origin, disability status, protected veteran status, and any other characteristic protected by law or company policy. All qualified individuals are required to perform the essential functions of the job with or without reasonable accommodation. Pre-employment drug testing is required for safety sensitive positions or as may otherwise be required by contract or law. Due to the high volume of responses, we will only be able to respond to candidates of interest. All candidates must have valid authorization to work in the U.S. Thank you for your interest in Panasonic Avionics Corporate.
Manager, Cybersecurity Responsibilities: Our new global headquarters is conveniently located in Irvine, CA near John Wayne Airport in the Park Place development. For our onsite and hybrid employees you will be able to enjoy amenities such as access to many restaurants and shops, running trails, a fitness deck, outdoor seating, dry cleaning, car wash, free garage parking, car charging stations, shuttle service for train commuters, outdoor games like bocce, horseshoes, gaming tables, pickle ball, and basketball. For more information on Park Place visit parkplaceirvine.com. Who We Are: Ever wonder who brings the entertainment to your flights? Panasonic Avionics Corporation is #1 in the industry for delivering inflight products such as movies, games, WiFi, and now Bluetooth headphone connectivity! How exciting would it be to be a part of the innovation that goes into creating technology that delights millions of people in an industry thats here to stay! With our companys history spanning over 40 years, you will have stability, career growth opportunities, and will work with the brightest minds in the industry. And we are committed to a diverse and inclusive culture that will help our organization thrive! We seek diversity in many areas such as background, culture, gender, ways of thinking, skills and more. If you want to learn more about us visit us at www.panasonic.aero. And for a full listing of open job opportunities go to www.panasonic.aero/join-us/. The Position:
JOB SUMMARY Manages the overall security of PACs IFEC products and services in accordance with aviation-specific security standards and best practices. Responsible for securing and testing PAC products that are integrated into ground and aircraft networks. Provides strategic and tactical guidance to business decision-makers in identifying and mitigating security vulnerabilities. Responsible for identifying, evaluating, and reporting on security risks in a manner that meets or exceeds compliance and regulatory requirements. Oversee security testing activities and be the primary resource responsible for ensuring application security testing is conducted according to industry best practices. MAJOR RESPONSIBILITIES Product Security Works closely with the Product Engineering team to review technical documents for products or software solutions to ensure security is integrated into the PAC products. Review technical designs and ensure alignment with Aviation Industry Security Standards and technical bulletins. Manages the ongoing vulnerability, scanning, and assessment process and partners with other IT teams to resolve vulnerabilities in a timely manner to maintain compliance. Manages team of Product Security Engineers tasked with management of security tools, systems and processes including - Logging / PKI certificate management / airside system and network security / vulnerability assessment / regulatory compliance. Technical expertise within Product Security who represents Panasonic Avionics Corporation in technical discussions with our airline customers or OEM manufacturers Reduce regulatory compliance risk due to the inability to demonstrate compliance with various security controls for ISO27001:2022 certifications and OEM security audits Key participant in the Aviation ISAC to manage and remediate cyber risk through threat intelligence sharing and best practices. Maintain and coordinate PKI certification operations and HSM signing services to support PAC business operations. Product Security Operations Responsible for aircraft security log implementation and log collection to support PACs airline customers security monitoring programs. Lead product securitys vulnerability management and penetration testing programs to support aircraft hardware and software. Participate in OEM product security audits and remediate security findings to support OEM security standards and provide technical guidance to various business units. Troubleshoot security event logging technology and input into log correlation architecture Develop enabling anomaly detection technology requirements and drive successful implementation for PAC products in the aircraft to improve security posture and assurance. Use the integrated information to detect and respond to system attacks Maintain an understanding of the current vulnerabilities, response, and mitigation strategies used in security operations Coordinate with SWE and Product Engineer Management to resolve Product security design defects or vulnerabilities that are identified in aircraft hardware and software Lead PCI-SSF Payment application recertification for Panasonic Avionics payment applications Provide the metrics and reporting framework to measure the efficiency and effectiveness of the security programs, facilitate appropriate resource allocation, and increase the maturity of the information security. Incident Response Experience in information security incident response and operational management Monitor the external threat environment for emerging threats, and advise relevant stakeholders on the appropriate courses of action Analyze and report cyber threats as well as assist in deterring, identifying, monitoring, investigating and analyzing computer network intrusions Coordinate the development of implementation of incident response plans and procedures to ensure that business-critical services are recovered in the event of a security event; provide direction, support and in-house consulting in these areas Test incident response capabilities
The salary or hourly wage range of $131,000 $220,000 is just one component of Panasonics total package. The final offer amount may vary based on factors including but not limited to individuals knowledge, skills, experience, and location. In addition, this role may be eligible for discretionary bonuses and incentives. The minimum hourly wage for this role will be the greater of the posted range, or minimum wage for the location where the employee will be working, subject to local minimum wage requirements. What Were Looking For:
KNOWLEDGE/SKILL REQUIREMENTS Articulate with strong verbal and written communication skills; interpersonal and collaborative skills; and the ability to communicate security and risk-related concepts to technical and non-technical audiences. Must be a critical thinker with strong problem-solving skills. Lead OEM Audits and ensure that PACs cybersecurity program aligns with aviation industry standards and best practices. Ability to lead and motivate cross-functional, interdisciplinary teams to achieve tactical and strategic goals. Knowledge of security and control frameworks such as those defined by NIST, PCI-DSS, and OEM security standards. Deep understanding of security architecture and engineering discipline, processes, concepts and best practices. High degree of initiative, dependability and ability to work both collaboratively and independently. Works with other Executives and Senior Managers to establish strategic plans and objectives. Makes final decisions on administrative or operational matters and ensures operational goal achievement. Works on complex issues where analysis of situations or data requires an in-depth knowledge of the company. Participates in corporate development of methods, techniques and evaluation criteria for projects, programs, and people. Deep understanding of cryptography, authentication, authorization, network security protocols, and product security implementation. EDUCATION/EXPERIENCE REQUIREMENTS Bachelors degree in Information Systems or related field. (Masters degree a plus) Industry certifications such as CISSP, CCSP, CISM, GCIH, GSEC or equivalent experience Hold a current penetration testing certification such as GPEN, CEH, and/or OSCP 5 years of related work experience with product security, secure software development, risk assessment, or vulnerability management Experience with large security control testing programs and/or security projects, e.g. product hardware control testing, product software testing, and security implementation of products with aircraft. Prior experience with information security frameworks, secure network architecture and design, cloud computing, and secure application architecture/design preferred. Knowledge of applicable industry standards, leading security practices, and regulatory requirements Demonstrated acumen in the security protection of IT systems and processes. Maintains network service operational resiliency by risk-based assessments and architectural alignment. Creates awareness of emerging vulnerabilities, develops remediation plans and ensures effective communication of any impact to company products and services. Remain current on constantly emerging Cybersecurity threats to ensure continual protection of assets and company/customer information. Full management authority concerning staffing, performance appraisals, promotions, salary recommendations, performance management and terminations. Collaborate with key subject matter experts, both internal and external to analyze and assess the current and future threat landscape. Develop and continuously improve a comprehensive security program that addresses identified risks. Our Principles:
Contribution to Society | Fairness & Honesty | Cooperation & Team Spirit | Untiring Effort for Improvement | Courtesy & Humility | Adaptability | Gratitude
What We Offer:
At Panasonic Avionics Corporation we realize the most important aspects in leading our industry are the bright minds behind everything we do. We are proud to offer our employees a highly competitive, comprehensive, and flexible benefits program.
Paid time off: Exempt Salaried employees receive flexible paid time off. This means that there is no fixed number, range, or limit to the amount of Personal and Vacation Days that may be taken for exempt employees. Non-exempt hourly employees accrue 14 vacation days per year + 7 sick days + 3 personal days. Accrual rate increases with tenure. All employees receive 11 company paid holidays per year. We also close our offices at the corporate level in the U.S. between Christmas and New Year. For operational positions that are expected to work on holidays, we provide additional compensation for hours worked.
Health Insurance: Medical insurance offerings from Aetna and Kaiser (CA &HI). Options for Employee Only, Employee + Spouse/Domestic Partner, Employee + Children, or Family. Dental PPO and DMO options & Vision insurance through EyeMed or VSP.
401K with 50% match on up to 8% contribution, full vested from day 1.
Washington residents only are eligible for: Washingtons Family and Medical Leave program and Washingtons Paid Sick Leave program.
Other offerings include: Wellness Program, Counseling services, FSA & HSA, Life Insurance for employee, spouse and child, AD&D Insurance, Long-term and Short-term disability, Critical Illness Insurance, Accident Insurance, Legal Assistance, Pet Insurance, Identity Theft Protection, Dependent Care FLSA, Education Assistance, Commuter Program, Employee Purchase Program, Service Award Program. All applicants are subject to Company policies, third party customer and worksite requirements, and government requirements, regarding vaccination and/or testing for COVID-19. Where permitted by applicable law, applicants may be required to be fully vaccinated with an authorized COVID-19 vaccine as a condition of employment, unless they are eligible for and obtain an exemption based on a reasonable accommodation because of a disability or a sincerely held religious belief, practice, or observance. While the Company strongly encourages COVID-19 vaccinations, it may require vaccination and/or testing for positions in which third party customer, worksite, or government requirements apply, in accordance with applicable law. At those locations where requirements apply, exemptions will be considered based on applicable law.
Panasonic is proud to be an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, national origin, disability status, protected veteran status, and any other characteristic protected by law or company policy. All qualified individuals are required to perform the essential functions of the job with or without reasonable accommodation. Pre-employment drug testing is required for safety sensitive positions or as may otherwise be required by contract or law. Due to the high volume of responses, we will only be able to respond to candidates of interest. All candidates must have valid authorization to work in the U.S. Thank you for your interest in Panasonic Avionics Corporate.