Senior System Security Analyst
Job Description - Senior System Security Analyst (117203)
Senior System Security Analyst
Requisition ID
117203
Description
L3Harris MAS, a subsidiary of L3Harris Technologies, Inc., is an agile and innovative aerospace and defense technology company. Our 1000 employees provide complete military and commercial aviation modernization and upgrade solutions including structural and avionics upgrades, aircraft component repair and overhaul, integrated logistics support, stripping and painting, field service support and technical publications, plus a full range of technical support services.
Our specialized aviation facilities include component repair, overhaul and machining, aircraft hangars and other upgrade facilities, structural design and analysis, full-scale fatigue testing and aircraft fatigue management, as well as other engineering services - from mechanical engineering and avionics to electronics and systems engineering.
Our customers perform on the world’s most challenging front lines. They trust us to keep them prepared for what’s next. We combine speed, innovation and flawless execution to ensure confidence and security in the world ahead.
About your next Challenge as a Senior System Security Analyst:
The Senior System Security Analyst is a member of the System Security Engineering (SSE) team, within the Software Engineering department at L3Harris MAS.
The Senior System Security Analyst will maintain the security posture of aerospace platforms and their associated ground systems and supply chains throughout their lifecycles. This will be achieved through the execution of SSE life cycle activities; security requirements engineering, system security analysis, system security verification, and risk management.
The person will provide technical support to assigned Fleet(s), and will be responsible to lead efforts to conduct risk assessments supporting the aircraft certification processes. The analyst will plan and execute security measures in response to cybersecurity risks, events and incidents, and analyze security breaches and take appropriate actions to reduce the likelihood of follow-on cybersecurity incidents. They will also develop, document, and execute security verification plans, and develop and document system security policies and procedures, as required. This position will require close collaboration on multiple avionics and/or security-related projects and technologies, interfacing with team members within the organization as well as external partners and customers.
What You Will Do:
Subject to the scope and stage of the program/project to which the member will be assigned, the candidate can expect to perform the following duties:
- Plan and coordinate the activities of the System Security Working Group associated with the assigned fleet(s) in conjunction with all relevant stakeholders;
- Identify and recommend SSE tasks to be performed in maintaining the system security posture of assigned fleet(s);
- Ensure the maintenance and upkeep of system security lifecycle artifacts associated with assigned fleet(s);
- Plan the execution of assigned system security engineering tasks to meet program and project schedule milestones and deliverables submission dates.
- Develop and maintain security threat risk assessment (TRA) for aerospace platforms and their associated enabling systems and supply chains.
- In support of the acquisition and modification of aerospace platforms and their associated enabling systems, perform the following tasks:
- Conduct the system security risk assessment;
- Develop the system security requirements;
- Define the system security architecture and identify the security controls to satisfy system security requirements;
- Develop test plans and other test lifecycle artifacts needed for security verification;
- Support the airworthiness certification process with the security evidence needed;
- Support the security and accreditation process of networked avionics subsystems requiring connectivity to national information systems with the security evidence needed.
- Support internal and formal technical reviews of proposed changes to all avionics subsystems and provide security design advice and recommendations as needed.
- Support the management of security risks from third parties involved in the programs and projects for assigned fleet(s).
- Report status on deliverables and engineering studies.
- Perform other related duties as required.
Required Skills and Experiences:
- A Bachelor’s degree in a relevant field of specialization is required. Preferred fields of specialization: software engineering, computer engineering, computer science, or electrical engineering. A master's degree in a relevant field of specialization is an asset.
- A minimum of seven (7) years cumulative and demonstrable experience in the last 20 years in the design, implementation and set to work of networked security solutions to meet recognized set of security controls, such as: Government of Canada (GC) ITSG-33, NIST 800-53, ISO 27002, etc.
- A minimum of seven (7) years of hands-on experience in the last 20 years in the employment of five (5) or more of the following security technologies and techniques in security solutions: network security monitoring, network intrusion detection, operating system hardening, high-assurance guard, virtualization (server, application, network), identity management, firewalls, encryption (commercial and type 1), anti-virus software, authentication systems, log management, content filtering and secure software development lifecycle.
- Minimum of five (5) years of cumulative experience in: cybersecurity requirements development, security and cyber threat analysis, security systems engineering, cyber systems architecture development or cybersecurity policy development.
- Certification: CISSP, CCSP, CISM or equivalent.
- Experienced in the use of cybersecurity frameworks such as: NIST, COBIT, ISO 27000 series, etc.
- Experience in the use of the RTCA security standards is an asset.
- Thorough understanding of the latest security principles, techniques, and protocols.
- Understanding of a variety of vendor security solutions.
- Knowledge of offensive and defensive cyber techniques.
- Understanding of network/web technologies and protocols.
- Excellent interpersonal and communication skills with the ability to interact and build trust across all levels of the organization, partners and with customers.
- Ability to effectively plan, organize, and execute work in one or more projects.
- Ability to work both independently and within groups.
- Problem-solving skills and ability to work under pressure.
Eligibility Criteria:
- Must be eligible for registration with the Controlled Goods Program;
- Must be eligible to obtain and maintain a government of Canada “Reliability” status and Level 2 (Secret) security clearance;
- Must meet the requirements for U.S. International Traffic in Arms Regulations (ITAR).
Our culture:
L3Harris MAS cultivates an inclusive and stimulating work environment that empowers employees and promotes work-life balance. Our values (integrity, respect, excellence), community dedication and commitment to excel in everything we do are the foundation of our culture.
We are proud to be an Equal Opportunity Employer and are committed to treating all employees and applicants for employment with respect and dignity and maintaining a workplace that is free from unlawful discrimination. All applicants will be considered for employment without regard to race, color, religion, age, national origin, ancestry, ethnicity, gender (including pregnancy, childbirth, breastfeeding or other related medical conditions), gender identity, gender expression, sexual orientation, marital status, veteran status, disability, genetic information, citizenship status, characteristic or membership in any other group protected by federal, provincial or local laws. L3Harris maintains a drug-free workplace and performs pre-employment substance abuse testing and background checks, where permitted by law.
About L3Harris:
L3Harris Technologies is an agile global aerospace and defense technology innovator, delivering end-to-end solutions that meet customers’ mission-critical needs. The company provides advanced defense and commercial technologies across air, land, sea, space and cyber domains. L3Harris has approximately $18 billion in annual revenue, 48,000 employees and customers in more than 100 countries. L3Harris.com
Everything we do here has a direct impact on the protection and security of human lives.
We thank all applicants for their interest but only those selected for an interview will be contacted.
Qualifications
CAN Security Clearance Required: NATO Secret
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
job faster
