Cybersecurity Engineer

Safran est un groupe international de haute technologie operant dans les domaines de l'aeronautique (propulsion, equipements et interieurs), de l'espace et de la defense. Sa mission : contribuer durablement à un monde plus sûr, où le transport aerien devient toujours plus respectueux de l'environnement, plus confortable et plus accessible. Implante sur tous les continents, le Groupe emploie 92 000 collaborateurs pour un chiffre d'affaires de 23,2 milliards d'euros en 2023, et occupe, seul ou en partenariat, des positions de premier plan mondial ou europeen sur ses marches. Safran s'engage dans des programmes de recherche et developpement qui preservent les priorites environnementales de sa feuille de route d'innovation technologique. Safran est la 1ere entreprise du secteur aeronautique et defense du classement World's Best Companies 2023 du magazine TIME. Safran Cabin fournit les interieurs de cabines complets, les systemes et les equipements les plus innovants du secteur. 11,000 employes mettent leur expertise au service de ses clients du monde entier, offrant des produits qui ameliorent l'experience passager et faciles à configurer sur toutes les plateformes.

Mission description

POWERED BY TEAMWORK. Are you ready to be part of a team that drives big ideas and even bigger wins? At Safran, we believe in the power of both collaboration and individual contributions. We understand that it takes diverse perspectives, problem-solving skills, dependability, and trust to push each other forward and achieve great success. For us, working here is more than just a job; it's a passion. There's the unique opportunity to lead the way in aerospace and defense and contribute to creating a safer and more sustainable world. We trust our employees to bring bold ideas to build the future of aerospace together, contributing to our ranking by TIME as the leading Aerospace & Defense company on the 2023 World's Best Companies list (#59 on the full list). Join our team and become part of the group that's making amazing things happen on the ground and in the skies. Together, we'll proudly step back and say, We did that." In the role of Cybersecurity Engineer, you'll play a pivotal part on our Engineering team. The Cybersecurity Engineer guides the design and development lifecycle for an embedded hardware/software cyber security stack that will provide the communications between Cabin products and aircraft systems. During the development process, this individual will be responsible for leading security risk assessments of embedded hardware and software to identify vulnerabilities and make iterative improvements to the embedded platform's security architecture. The Cybersecurity Engineer will develop embedded software that meets the highest cybersecurity standards, is highly motivated and passionate about security technologies. The Cybersecurity Engineer is responsible for the design, development, verification and coordination of secure hardware, firmware, and communication architectures in embedded systems for connected cabin products. This position contributes to our vision by: 1. Develop embedded software that meets the highest cyber security standards. Develop embedded protection systems written primarily in C/C++. Develop cryptographic architectures to facilitate secure system boot, communications and processing. Assist with definition of system design for software requirements, hardware functional interfaces, bus loading, and communication features. Assist with development and integration of Software Assurance measures and practice. 2. Design and implement security architectures and features for embedded hardware, software, and communications systems. 3. Perform security risk assessments, security scope definition, security architecture design, code audits and design reviews of embedded platforms throughout the secure development lifecycle 4. Collaborate with product and engineering teams on security during design/development/testing 5. Research and develop technical solutions to mitigate security risks 6. Conduct research to identify new attack vectors against embedded products and services

At Safran Cabin, diversity & inclusion is a source of richness that adds quality of life, performance, and innovation. We welcome diverse contributions and provide equal employment opportunity to all individuals regardless of race, color, religion, sex/gender, sexual orientation, gender identity/gender expression, marital status, pregnancy, age, national origin, ancestry, disability/medical condition, military or veteran status, citizenship status, genetic characteristics or information, or any other characteristic protected by applicable federal, state, and local laws. We seek service-oriented team players with strong interpersonal skills and a positive attitude, adaptable to our innovative and evolving environment. Education: Bachelor's Degree in Computer Engineering/Electrical/Science/Math Experience: A minimum of 5 years of professional experience in embedded software programming using C/C++ focused in security protocols Cyber Security Certified or willing to obtain certification in CEH / CISM / CISSP / CompTIA or equivalent Experience working with cryptographic protocols/libraries including secure boot implementation Experience in publish-subscribe communications architectures (CoAP/MQTT) Experience in implementing security protocols for wireless networks (802.11/802.15.4/BLE) Experience with packet capture and analysis tools (Wireshark), thorough understanding of the HTTP, MQTT, CoAP protocols, Experience in NIST/NSA-approved cryptographic standards and methods. Knowledge & Skills: People, Process & Analytical Skills Strong communication skills and interest in a pair programming environment Demonstrated ability in leadership, excellent communication and organizational skills. Strong team member who inspires, innovates, and delivers results to add values and make a difference Critical thinking with open to critique Analytical thinking with ability to synthesize information and identify salient points Ability to define problems, understands data, establish facts, and draw valid conclusions Demonstrates ability to work well in a cross-functional team environment Detail-oriented, organized and work well independently and as part of a team User-centric /customer-centric focused, embrace Agile XP practice, and possess a learning mindset Technical Skills Design of security requirements and security controls for networks and embedded platforms Knowledge of cybersecurity standards and best practices for embedded systems Hardware and software security architecture design and integration Secure configuration and implementation of networking and communications protocols Threat modeling, system-level risk assessments, vulnerability analysis and research Strong knowledge in routing, switching, firewalls, wireless controllers, and DNS Strong knowledge of System Security Engineering (SSE) principals and process (e.g. NIST SP 800-161)