Engineer, Aviation Cybersecurity
Description:
Focus: Systems, Scripting, Automation, Cloud, Logging, and PKI Security
Engineer, Systems, Automation & Logging (ANSP Program)
FOCUS
• Ensure secure aircraft, ground, and communications systems relied upon for our ANSP Program, with concentrated attention towards systems, scripting, automation, cloud, logging, and PKI security.
RESPONSIBILITIES
• Develop and implement automated security solutions for vulnerability scanning, log analysis, and security configuration management.
• Design and implement centralized log management systems.
• Automate security tasks and manage systems using scripting languages (Python, PowerShell, Bash).
• Secure cloud environments (AWS, Azure) through automation and configuration management.
• Manage PKI infrastructure, including certificate lifecycle management and key management.
• Collaborate with system administrators and stakeholders to enhance security posture.
• Stay current on the latest security technologies and automation techniques.
• Define security baselines (e.g., CIS benchmarks) for Windows and Linux servers in aviation environments and automate the process of checking and enforcing these baselines using tools like Ansible/Puppet and scripting.
SKILLS
• Cybersecurity & Automation Expertise: Requires 3-5+ years of progressive cybersecurity engineering experience with a strong focus on systems security, security automation, log management, cloud, and PKI.
• Strong Scripting & Automation Skills: Proficiency in scripting languages (Python, PowerShell, Bash) for security automation and system management. Deep experience with automation frameworks (Ansible, Puppet, Chef, Terraform) and CI/CD tools (Jenkins, GitLab CI/CD, Azure DevOps) to build and deploy automated security solutions.
• Log Management & SIEM Expertise: Deep understanding of log management principles, technologies, and SIEM solutions (Securonix, Sentinel, Event Hubs, Graylog, Logstash, Fluentd) for log collection, analysis, correlation, and security monitoring.
• Cloud & PKI Security Focus: Expertise in cloud security (AWS or Azure), leveraging cloud APIs and security services (AWS Security Hub, Azure Security Center, AWS Lambda, Grafana). Extensive experience with PKI, including certificate lifecycle management, key management, and PKI infrastructure administration.
• Security Automation & Tool Integration: Ability to leverage tools like Tanium and Dynatrace (or similar) to automate security tool deployment and configuration in both on-premises and cloud environments.
PREFERRED CERTIFICATIONS
• CISSP (Certified Information Systems Security Professional)
• CCSP (Certified Cloud Security Professional)
• CompTIA Security+
• AWS Certified Security – Specialty
• Microsoft Certified: Azure Security Engineer Associate
TOOLS AND TECHNOLOGIES
Scripting & Automation:
• Scripting Languages: Python, PowerShell, Bash
• Automation Frameworks: Ansible, Puppet, Chef, Terraform
• CI/CD Tools: Jenkins, GitLab CI/CD, Azure DevOps (for security automation)
Cloud Platforms (AWS or Azure Focus):
• Cloud APIs & SDKs: (AWS SDK, Azure SDK)
• Cloud Security & Monitoring Services: (AWS Security Hub, Azure Security Center, CloudWatch, Azure Monitor)
• Data Visualization: Grafana, Kibana or similar
Logging & Monitoring (SIEM/Log Management):
• SIEM Platforms: (e.g., Securonix, Sentinel, Splunk)
• Log Management Tools: (e.g., Graylog, ELK/Elastic Stack, Fluentd)