Principal Software Engineer (Security)

Company: Safran
Location: Brea
Posted on: January 21, 2023

Job Description:

At Safran Passenger Innovations, we make flying fun by focusing on maximizing the Passenger Experience. As an innovative In-Flight Entertainment and Connectivity (IFEC) company we design, engineer, manufacture, sell and support world-class In-Flight Entertainment and Connectivity solutions. Our products are constantly evolving, solving complex media distribution, playback, and networking problems in a secure, demanding on-wing environment. Safran IFEC products are utilized by many of the world's premier air carriers. Step aboard and help us by creating the best in-flight experiences for today and beyond!
Job Summary
As a Principal Security Software Engineer on the Software Development team, you will engage with an experienced cross-disciplinary staff to design and implement innovative In-Flight Entertainment (IFE) products applying state-of-the-art security principles (wired and wireless) concepts and technologies to modernize all security aspects of our platform, including on-wing and off-wing Compute, Connectivity, Networking, and Storage. Working closely with inter-disciplinary teams you will participate in the architecture, design, development, test, and integration of software features for the RAVE IFEC systems and products using a hybrid development methodology in a regulated environment. You must be a self-starter, responsive, flexible, and able to succeed within an open, collaborative peer environment.
Duties and Responsibilities:

• Contribute to the design, creation, development, and improvement of security features, packaging, tools, testing, test automation, continuous integration, delivery, documentation, and building of complex distributed systems in a low power, low latency, heat-conscious environment
• Problem-solving - troubleshoot, triage, debug, and resolve security issues
• Demonstrate a passion for continuous improvement and take personal ownership of quality
• Provide guidance, mentoring, training, and support across product development and the broader IFE business with respect to security best practices
• Provide realistic estimates, foster a culture of transparency, and meet agreed-upon commitments
• Facilitate communication internally, with stakeholders, users, and/or customers on specifications, architecture, design, implementation, and approvals
• Actively participate, engage, and contribute during meetings
• Leverage other internal organizations to facilitate product success
• Prepare and present technical information for large and diverse audiences
• Assess third-party and open-source software and in some cases implement the same
• Adhere to, contribute to, and help improve both organizational processes and the software development lifecycle (SDLC)
  Requirements
  
  • Bachelor's Degree in Computer Science, or equivalent experience in a related field (Cybersecurity training or experience is advantageous)
  • 3-6 years of experience in a Senior (or above) level role within Security software engineering
  • 15+ years of overall software development experience
    Required Experience
    • 5+ years of proven experience in containers technologies, microservices, and DevOps practices
    • Expert on monolithic to secure by design microservices with an eye towards practical migrations and attack surface analysis
    • Expert in service-to-service (API) communication security and monitoring
    • Security - holistic - Experience with security engineering concepts and practices including system and network security, authentication, protocols, cryptography, DB, and application security in regulated environments
    • Enterprise-level expertise in securing the development and delivery of complex distributed computing environments
      • Mastery of basic security concepts such as authentication, authorization (IAM), DevSecOps, Infrastructure as Code, and Microservices/Containers
      • Deep network understanding including protocols, debugging, layers, security, intrusion detection, log analysis, and network scanning
      • Understand the OSI model and the relationship between layers
      • Hybrid networking concepts (Cloud/On-Prem/On-Wing)
      • Secure design of API's, queuing/messaging
      • Securing Kubernetes
      • Design experience with implementing Digital Rights Management (DRM) tools and key/secrets management
      • Experience with decentralized access control in complex distributed environments
      • UNIX/Linux or embedded operating systems using C/C++
      • Experience troubleshooting & root cause analysis of software and hardware security issues
      • Experience with formal Engineering Requirements documentation and processes
        Desired Experience
        
        • Understanding of embedded circuit design and PCB schematics, particularly with ARM/x86 processors
        • Board-level security concepts and design
        • Understanding of Platform as a Service (PaaS) concepts and how to construct secure compute platforms from physical hardware all the way up the stack. This includes the ability to assess/evaluate and utilize primitives in a constrained environment.
        • Experience integrating automated security tests into CI/CD
        • Skilled at designing high availability platforms with quick recovery objectives
        • Adept at implementing internal tools to support development and troubleshooting for the entire stack
        • Linux kernel expertise - can design and abstract/isolate/control low-level calls via wrapper/abstraction and create custom Linux distributions leveraging Yocto.
        • Understanding of Video/Media content, playback, delivery, and streaming including DRM as well as an understanding of distributed file sharing concepts like BitTorrent
          Experiences with any of the following languages, technologies, and/or techniques would be advantageous:
          
          • Low-level kernel/driver knowledge of Linux 4.x and 5.x
          • MQTT, IPC, RPC, sockets, and/or audio/video players.
          • Highly available, fault-tolerant, distributed, or clustered systems development
          • ARINC 429 (data transfer) and RS-485/422.
          • Understanding of bus design: I2C, PCIe, SPI, MDIO, CAN, etc.
          • Experience with various security/cryptography concepts such as PKI, SSL, and TLS with respect to embedded devices
          • Windows using C/C++/C#, .Net, web programming, JavaScript, ASP, SQL, Node, Go and functional compute like AWS Lambda
          • Mobile application communications development and loosely coupled designs
          • Understanding of containers and virtual machines using Docker Swarm, Kubernetes, or other control planes and compute primitives
          • Experience refactoring/rearchitecting monolithic solutions into distributed microservices, containerized or serverless with heavy API design and implementation strategies
            The starting pay range for this position is $148,000 - $197,000, however, base pay offered may vary depending on skills, experience, job-related knowledge and location.

Keywords: Safran, Fullerton , Principal Software Engineer (Security), IT / Software / Systems , Brea, California