Principal Software Engineer (Security)
Safran Passenger Innovations | Brea | Full-time | apply.workable.com |
Company Summary
At Safran Passenger Innovations, we make flying fun by focusing on maximizing the Passenger Experience. As an innovative In-Flight Entertainment and Connectivity (IFEC) company we design, engineer, manufacture, sell and support world-class In-Flight Entertainment and Connectivity solutions.
Our products are constantly evolving, solving complex media distribution, playback, and networking problems in a secure, demanding on-wing environment. Safran IFEC products are utilized by many of the world’s premier air carriers. Step aboard and help us by creating the best in-flight experiences for today and beyond!
Job Summary
As a Principal Security Software Engineer on the Software Development team, you will engage with an experienced cross-disciplinary staff to design and implement innovative In-Flight Entertainment (IFE) products applying state of the art security principles (wired and wireless) concepts and technologies to modernize all security aspects of our platform, including on-wing and off-wing Compute, Connectivity, Networking and Storage.
Working closely with inter-disciplinary teams you will participate in architecture, design, development, test, and integration of software features for the RAVE IFEC systems and products using a hybrid development methodology in a regulated environment.
You must be a self-starter, responsive, flexible, and able to succeed within an open, collaborative peer environment.
Duties and Responsibilities:
• Contribute to the design, creation, development and improvement of security features, packaging, tools, testing, test automation, continuous integration, delivery, documentation and building of complex distributed systems in a low power, low latency, heat conscious environment
• Problem solving - troubleshoot, triage, debug, and resolve security issues
• Demonstrate passion for continuous improvement and take personal ownership of quality
• Provide guidance, mentoring, training, and support across product development and the broader IFE business with respect to security best practices
• Provide realistic estimates, foster a culture of transparency, and meet agreed upon commitments
• Facilitate communication internally, with stakeholders, users, and/or customers on specifications, architecture, design, implementation, and approvals
• Actively participate, engage, and contribute during meetings
• Leverage other internal organizations to facilitate product success
• Prepare and present technical information for large and diverse audiences
• Assess third-party and open-source software and in some cases implement the same
• Adhere to, contribute to, and help improve both organizational processes and the software development lifecycle (SDLC)
Requirements
• Bachelor’s Degree in Computer Science, or equivalent experience in a related field (Cybersecurity training or experience is advantageous)
• 3-6 years of experience in a Senior (or above) level role within Security software engineering
• 15+ years of overall software development experience
• 5+ years of proven experience on containers technologies, microservices and DevOps practices
• Expert on monolithic to secure by design microservices with an eye towards practical migrations and attack surface analysis
• Expert in service-to-service (API) communication security and monitoring
• Security – holistic - Experience with security engineering concepts and practices including system and network security, authentication, protocols, cryptography, DB, and application security in regulated environments
• Enterprise level expertise in securing development and delivery of complex distributed compute environments
• Mastery of basic security concepts such as authentication, authorization (IAM), DevSecOps, Infrastructure as Code and Microservices/Containers
• Deep network understanding including protocols, debugging, layers, security, intrusion detection, log analysis, and network scanning
• Understand the OSI model and relationship between layers
• Hybrid networking concepts (Cloud/On-Prem/On-Wing)
• Secure design of API’s, queuing/messaging
• Securing Kubernetes
• Design experience with implementing Digital Rights Management (DRM) tools and key/secrets management
• Experience with decentralized access control in complex distributed environments
• UNIX/Linux or embedded operating systems using C/C++
• Experience troubleshooting & root cause analysis of software and hardware security issues
• Experience with formal Engineering Requirements documentation and processes
Experiences with any of the following languages, technologies and/or techniques would be advantageous:
o Low level kernel/driver knowledge of Linux 4.x and 5.x
o MQTT, IPC, RPC, sockets and/or audio/video players.
o Highly available, fault-tolerant, distributed, or clustered systems development
o ARINC 429 (data transfer) and RS-485/422.
o Understanding of bus design: I2C, PCIe, SPI, MDIO, CAN, etc.
o Experience with various security/cryptography concepts such as PKI, SSL and TLS with respect to embedded devices
o Windows using C/C++/C#, .Net, web programming, JavaScript, ASP, SQL, Node, Go and functional compute like AWS Lambda
o Mobile application communications development and loosely coupled designs
o Understanding of containers and virtual machines using Docker Swarm, Kubernetes, or other control planes and compute primitives
o Experience refactoring/rearchitecting monolithic solutions into distributed microservices, containerized or serverless with heavy API design and implementation strategies
Benefits
In addition to a comprehensive package of health benefits that include company contributions, Safran Passenger Innovations offers a variety of additional benefits and perks to enhance your work-life balance experience including but not limited to:
• A home allowance to elevate your home workspace
• Discretionary bonus program
• Future financial security with a 401(k) program with company match
• Paid time off covering vacations, personal time off and sick days, capped off by an exciting year-end holiday shutdown
• Embraced flexibility with our alternative work schedule (9/80) to navigate your workweeks with every other Friday off
At Safran Passenger Innovations, we make flying fun by focusing on maximizing the Passenger Experience. As an innovative In-Flight Entertainment and Connectivity (IFEC) company we design, engineer, manufacture, sell and support world-class In-Flight Entertainment and Connectivity solutions.
Our products are constantly evolving, solving complex media distribution, playback, and networking problems in a secure, demanding on-wing environment. Safran IFEC products are utilized by many of the world’s premier air carriers. Step aboard and help us by creating the best in-flight experiences for today and beyond!
Job Summary
As a Principal Security Software Engineer on the Software Development team, you will engage with an experienced cross-disciplinary staff to design and implement innovative In-Flight Entertainment (IFE) products applying state of the art security principles (wired and wireless) concepts and technologies to modernize all security aspects of our platform, including on-wing and off-wing Compute, Connectivity, Networking and Storage.
Working closely with inter-disciplinary teams you will participate in architecture, design, development, test, and integration of software features for the RAVE IFEC systems and products using a hybrid development methodology in a regulated environment.
You must be a self-starter, responsive, flexible, and able to succeed within an open, collaborative peer environment.
Duties and Responsibilities:
• Contribute to the design, creation, development and improvement of security features, packaging, tools, testing, test automation, continuous integration, delivery, documentation and building of complex distributed systems in a low power, low latency, heat conscious environment
• Problem solving - troubleshoot, triage, debug, and resolve security issues
• Demonstrate passion for continuous improvement and take personal ownership of quality
• Provide guidance, mentoring, training, and support across product development and the broader IFE business with respect to security best practices
• Provide realistic estimates, foster a culture of transparency, and meet agreed upon commitments
• Facilitate communication internally, with stakeholders, users, and/or customers on specifications, architecture, design, implementation, and approvals
• Actively participate, engage, and contribute during meetings
• Leverage other internal organizations to facilitate product success
• Prepare and present technical information for large and diverse audiences
• Assess third-party and open-source software and in some cases implement the same
• Adhere to, contribute to, and help improve both organizational processes and the software development lifecycle (SDLC)
Requirements
• Bachelor’s Degree in Computer Science, or equivalent experience in a related field (Cybersecurity training or experience is advantageous)
• 3-6 years of experience in a Senior (or above) level role within Security software engineering
• 15+ years of overall software development experience
• 5+ years of proven experience on containers technologies, microservices and DevOps practices
• Expert on monolithic to secure by design microservices with an eye towards practical migrations and attack surface analysis
• Expert in service-to-service (API) communication security and monitoring
• Security – holistic - Experience with security engineering concepts and practices including system and network security, authentication, protocols, cryptography, DB, and application security in regulated environments
• Enterprise level expertise in securing development and delivery of complex distributed compute environments
• Mastery of basic security concepts such as authentication, authorization (IAM), DevSecOps, Infrastructure as Code and Microservices/Containers
• Deep network understanding including protocols, debugging, layers, security, intrusion detection, log analysis, and network scanning
• Understand the OSI model and relationship between layers
• Hybrid networking concepts (Cloud/On-Prem/On-Wing)
• Secure design of API’s, queuing/messaging
• Securing Kubernetes
• Design experience with implementing Digital Rights Management (DRM) tools and key/secrets management
• Experience with decentralized access control in complex distributed environments
• UNIX/Linux or embedded operating systems using C/C++
• Experience troubleshooting & root cause analysis of software and hardware security issues
• Experience with formal Engineering Requirements documentation and processes
Experiences with any of the following languages, technologies and/or techniques would be advantageous:
o Low level kernel/driver knowledge of Linux 4.x and 5.x
o MQTT, IPC, RPC, sockets and/or audio/video players.
o Highly available, fault-tolerant, distributed, or clustered systems development
o ARINC 429 (data transfer) and RS-485/422.
o Understanding of bus design: I2C, PCIe, SPI, MDIO, CAN, etc.
o Experience with various security/cryptography concepts such as PKI, SSL and TLS with respect to embedded devices
o Windows using C/C++/C#, .Net, web programming, JavaScript, ASP, SQL, Node, Go and functional compute like AWS Lambda
o Mobile application communications development and loosely coupled designs
o Understanding of containers and virtual machines using Docker Swarm, Kubernetes, or other control planes and compute primitives
o Experience refactoring/rearchitecting monolithic solutions into distributed microservices, containerized or serverless with heavy API design and implementation strategies
Benefits
In addition to a comprehensive package of health benefits that include company contributions, Safran Passenger Innovations offers a variety of additional benefits and perks to enhance your work-life balance experience including but not limited to:
• A home allowance to elevate your home workspace
• Discretionary bonus program
• Future financial security with a 401(k) program with company match
• Paid time off covering vacations, personal time off and sick days, capped off by an exciting year-end holiday shutdown
• Embraced flexibility with our alternative work schedule (9/80) to navigate your workweeks with every other Friday off
Don’t miss out on new job openings!
Create a job alert for: Cloud Engineer, Brea
It's free, and you can cancel email updates at any time