DescriptionJOB SUMMARY:
The Senior Cybersecurity Systems Engineer will act as the lead cybersecurity engineer on complex projects to drive activities using a methodical threat modeling and risk mitigation approach to meeting the security needs of the product. The senior cybersecurity systems engineer will ideally have experience implementing secure designs on embedded devices. Cybersecurity Systems Engineers are expected to work influentially by proactively identifying system security gaps and facilitating resolution among a diverse group of project stakeholders. The Senior Cybersecurity Systems Engineer must operate as a lead practitioner in many of the cybersecurity competencies, and some of the systems engineering professional and management competencies.
ESSENTIAL/PRIMARY DUTIES:
- Oversees and is accountable for threat models and cybersecurity risk assessments.
- Optimizes the use of automated tools for generation and review of security artifacts such as software bill of materials, static and dynamic code security testing, and vulnerability management reports.
- Leads incident response preparation and planning sessions.
- Applies and trains team members on methods of estimating cybersecurity risks such as common vulnerability scoring system, common weakness scoring system, STRIDE, and other various methods.
- Consistently applies quality management practices, regulatory requirements, and industry standards to Midmark products.
- Validates project risks, engages with executives to communicate high-level risks.
- Influences change across disciplines and functions.
- Works on complex and ambiguous problems, researches and proposes innovative solutions.
- Communicates complex technical ideas through daily work, presentations, and workshops.
- Relies on higher-level staff for guidance but performs most assignments with a high degree of latitude. Handles the most complex issues. Possesses expert knowledge of subject matter.
SECONDARY DUTIES:
- Collaborates with teams and management to make critical technical decisions that align with organizational goals.
- Leads efforts to create IP assets that drive innovation and market differentiation.
- Establishes standardized processes, analyzes process metrics.
- Creates onboarding guidance documents and heavily involved in onboarding new teammates.
EDUCATION and/or EXPERIENCE:
Bachelor’s degree in electrical, software, computer, or systems engineering and 6+ years of relevant experience, or equivalent combination of both. Holds a green belt in DFSS. INCOSE ASEP or CSEP and ISC2 CC or CISSP certifications or ability to obtain certifications within 2 years of employment.
COMPETENCY and/or SKILL:
- Expert knowledge of:
- Resolving complex project cybersecurity issues
- Leading design efforts of complex interconnected systems with assistance from more senior teammates
- Basic engineering tools and methods (i.e., use of oscilloscopes, logic analyzers, JTAG hardware debuggers, and other test equipment)
- FDA, NIST, and ISO regulations and concepts
- Requirements management software tools (Jama, DOORS, or another tool)
- Agile development methodology and use of tools (i.e., Atlassian and Git)
- Improvement of process effectiveness and efficiency
- Advanced data collection and analysis skills to solve complex issues
- Use of Microsoft Office Suite
- Comprehensive knowledge of:
- Cybersecurity risk-management processes and assessments
- Systems modeling and analysis techniques
- Configuration management processes and concepts
- Understanding of the importance of quality in engineering projects
- Working knowledge of:
- Applying critical thinking skills to identify root causes and propose solutions
- Effective communication within the team and ability to escalate issues when needed
SUPERVISORY RESPONSIBILITIES:
- Mentors engineer II & III teammates, focusing on technical skills, leadership skills, and cultural competencies.