Clearance Jobs
Security Engineer
The Federal Aviation Administration (FAA) Voice Switch and Recorder (VS&R) Program Office manages seven different programs that provide critical voice communications and legal recording systems that perform critical, high availability Air Traffic Control (ATC) communications within the FAA's National Airspace System (NAS). The VS&R Program Office is responsible for acquisition of modern Internet Protocol (IP) ATC Voice Communications Systems (VCSs), which includes development of requirements, procurement, verification, validation, testing, implementation and deployment. The VS&R Program Office also manages the full life cycle sustainment and logistics for the existing legacy ATC VCSs that are currently in use throughout the NAS. The FAA Security Engineer will provide hands-on cybersecurity support to the FAA Security Lead and Technical Team at the William J. Hughes Technical Center for Advanced Aerospace to help FAA achieve security and technical milestones for the procurement, verification, validation, test and deployment of modern IP-VCSs and Air-to-Ground Protocol Converters (APCs). The Security Engineer will provide technical expertise on system implementations used to address security controls and will analyze, investigate and track security risks and/or issues on FAA and vendor systems, using common standards, certifications and methods. The Security Engineer will also utilize system hardening knowledge, Linux skills to generate security artifacts and collaborate with stakeholders from other functional and technical organizations to achieve security authorization for FAA ATC VCS systems and tools. Required Qualifications: Bachelor of Science in Computer Science, Information System Security, Cybersecurity or similar discipline, plus 6-15 years of relevant hands-on experience. Linux System Administration: Robust, hands-on experience on the Linux terminal, writing bash scripts, configuring packages and servers). Extensive understanding of Linux operating system structure and configuration (e.g. directory structure, device files, network configuration) Strong experience developing, configuring and using automation tools such as Ansible, Docker, Jenkins, etc. Networking: Working understanding of the OSI Model, including hands-on skills and knowledge of system networking, network design, VLAN/subnetting, configuring and managing routers & switches Knowledge of network protocol interactions Experience using and understanding network protocol analyzers, such as Wireshark Understanding of IPv5 addressing, subnetting (IPv6 knowledge a plus) Experience with firewall configuration System Security: Experience with system, port scanning & vulnerability scanning, including hands-on analysis of findings, validation findings are accurate/applicable and remediation of all findings Working knowledge of security standards, including NIST 800-53, HSPD-23, and ISO 27001 Experience performing system penetration testing to verify security controls are effective. Familiarity with cryptographic protocols (asymmetric/symmetric ciphers, hashing, key exchange) From a system procurement perspective, experience documenting security requirements for Statements of Work (SOWs), Contract Data Requirements Lists (CDRLs), and Data Item Descriptions (DIDs) Desired Qualifications: Knowledge of the Federal Aviation Administration (FAA) Knowledge of the FAA National Airspace System (NAS) Strong logic/reasoning skills (e.g., can understand/analyze requirements, and identify logical gaps) Experience conducting and participating in technical interchange meetings Strong, clear verbal and written communication skills Understanding of C/C++, Python, Golang, or Rust a plus Usage of version control software (e.g., Git) Knowledge of software design patterns and anti-patterns Familiarity with embedded Linux system design and implementation, including performance optimization, is a plus Understanding of common software data structures and algorithms
The Federal Aviation Administration (FAA) Voice Switch and Recorder (VS&R) Program Office manages seven different programs that provide critical voice communications and legal recording systems that perform critical, high availability Air Traffic Control (ATC) communications within the FAA's National Airspace System (NAS). The VS&R Program Office is responsible for acquisition of modern Internet Protocol (IP) ATC Voice Communications Systems (VCSs), which includes development of requirements, procurement, verification, validation, testing, implementation and deployment. The VS&R Program Office also manages the full life cycle sustainment and logistics for the existing legacy ATC VCSs that are currently in use throughout the NAS. The FAA Security Engineer will provide hands-on cybersecurity support to the FAA Security Lead and Technical Team at the William J. Hughes Technical Center for Advanced Aerospace to help FAA achieve security and technical milestones for the procurement, verification, validation, test and deployment of modern IP-VCSs and Air-to-Ground Protocol Converters (APCs). The Security Engineer will provide technical expertise on system implementations used to address security controls and will analyze, investigate and track security risks and/or issues on FAA and vendor systems, using common standards, certifications and methods. The Security Engineer will also utilize system hardening knowledge, Linux skills to generate security artifacts and collaborate with stakeholders from other functional and technical organizations to achieve security authorization for FAA ATC VCS systems and tools. Required Qualifications: Bachelor of Science in Computer Science, Information System Security, Cybersecurity or similar discipline, plus 6-15 years of relevant hands-on experience. Linux System Administration: Robust, hands-on experience on the Linux terminal, writing bash scripts, configuring packages and servers). Extensive understanding of Linux operating system structure and configuration (e.g. directory structure, device files, network configuration) Strong experience developing, configuring and using automation tools such as Ansible, Docker, Jenkins, etc. Networking: Working understanding of the OSI Model, including hands-on skills and knowledge of system networking, network design, VLAN/subnetting, configuring and managing routers & switches Knowledge of network protocol interactions Experience using and understanding network protocol analyzers, such as Wireshark Understanding of IPv5 addressing, subnetting (IPv6 knowledge a plus) Experience with firewall configuration System Security: Experience with system, port scanning & vulnerability scanning, including hands-on analysis of findings, validation findings are accurate/applicable and remediation of all findings Working knowledge of security standards, including NIST 800-53, HSPD-23, and ISO 27001 Experience performing system penetration testing to verify security controls are effective. Familiarity with cryptographic protocols (asymmetric/symmetric ciphers, hashing, key exchange) From a system procurement perspective, experience documenting security requirements for Statements of Work (SOWs), Contract Data Requirements Lists (CDRLs), and Data Item Descriptions (DIDs) Desired Qualifications: Knowledge of the Federal Aviation Administration (FAA) Knowledge of the FAA National Airspace System (NAS) Strong logic/reasoning skills (e.g., can understand/analyze requirements, and identify logical gaps) Experience conducting and participating in technical interchange meetings Strong, clear verbal and written communication skills Understanding of C/C++, Python, Golang, or Rust a plus Usage of version control software (e.g., Git) Knowledge of software design patterns and anti-patterns Familiarity with embedded Linux system design and implementation, including performance optimization, is a plus Understanding of common software data structures and algorithms