Product Security Specialist

Recruiter
Location
Cheltenham, United Kingdom
Salary
Competitive
Posted
18 May 2018
Closes
11 Jun 2018
Ref
1409868
Clearance Level
None / Undisclosed, SC
Sector
Aerospace
Job Type
Permanent
Cheltenham, United Kingdom

Business:
    GE Aviation
Function:
    Digital Technology
Role Summary/Purpose:
    We are looking for a Product Security Specialist with a focus on security analysis and testing. In this role, you will work in a team to analyse and test airborne products for potential vulnerabilities and security risks and part of the team securing GE Aviation System's products.
Essential Responsibilities:
  • Scope and perform avionics product risk assessments
  • Engage in threat modelling and attack surface analysis/reduction
  • Generate security requirements based on risk assessments and utilize best practices to meet them
  • Support the maintenance of cyber Bills of Materials and conduct proactive vulnerability monitoring and assessment on cyber components
  • Scope and conduct security risk and penetration testing
  • Create and track meaningful metrics around product cyber risk and compensating controls
  • Administer End of Life processes for components integrated in products
  • Create vulnerability and incident trend analysis to improve product design
  • Help prepare reports at appropriate levels of confidentiality for stakeholders to view
Qualifications/Requirements:
    Degree in Computer Engineering or in a STEM major (Science, Technology, Engineering, or Math) or equivalent
Desired Characteristics:
  • Experience or interest in (embedded system) cybersecurity
  • Experience or interest in aviation and avionics
  • Experience with software development including secure coding principles and techniques such as code signing or secure boot
  • Experience with complex hardware development including FPGA, CPLD or ASIC
  • Experience or interest in cybersecurity frameworks (e.g. NIST 800-53, ISO 27001, IEC62443) implementation and governanceExperience or interest in risk identification and evaluation techniques (e.g. NIST 800-30, Microsoft STRIDE/DREAD)
  • #DTR#LI-MH1

Similar jobs

Similar jobs