FullertonRecruiter Since 2001
the smart solution for Fullerton jobs

Principal Software Engineer (Security)

Company: Safran
Location: Brea
Posted on: January 21, 2023

Job Description:

At Safran Passenger Innovations, we make flying fun by focusing on maximizing the Passenger Experience. As an innovative In-Flight Entertainment and Connectivity (IFEC) company we design, engineer, manufacture, sell and support world-class In-Flight Entertainment and Connectivity solutions. Our products are constantly evolving, solving complex media distribution, playback, and networking problems in a secure, demanding on-wing environment. Safran IFEC products are utilized by many of the world's premier air carriers. Step aboard and help us by creating the best in-flight experiences for today and beyond!
Job Summary
As a Principal Security Software Engineer on the Software Development team, you will engage with an experienced cross-disciplinary staff to design and implement innovative In-Flight Entertainment (IFE) products applying state-of-the-art security principles (wired and wireless) concepts and technologies to modernize all security aspects of our platform, including on-wing and off-wing Compute, Connectivity, Networking, and Storage. Working closely with inter-disciplinary teams you will participate in the architecture, design, development, test, and integration of software features for the RAVE IFEC systems and products using a hybrid development methodology in a regulated environment. You must be a self-starter, responsive, flexible, and able to succeed within an open, collaborative peer environment.
Duties and Responsibilities:

  • Contribute to the design, creation, development, and improvement of security features, packaging, tools, testing, test automation, continuous integration, delivery, documentation, and building of complex distributed systems in a low power, low latency, heat-conscious environment
  • Problem-solving - troubleshoot, triage, debug, and resolve security issues
  • Demonstrate a passion for continuous improvement and take personal ownership of quality
  • Provide guidance, mentoring, training, and support across product development and the broader IFE business with respect to security best practices
  • Provide realistic estimates, foster a culture of transparency, and meet agreed-upon commitments
  • Facilitate communication internally, with stakeholders, users, and/or customers on specifications, architecture, design, implementation, and approvals
  • Actively participate, engage, and contribute during meetings
  • Leverage other internal organizations to facilitate product success
  • Prepare and present technical information for large and diverse audiences
  • Assess third-party and open-source software and in some cases implement the same
  • Adhere to, contribute to, and help improve both organizational processes and the software development lifecycle (SDLC)
    • Bachelor's Degree in Computer Science, or equivalent experience in a related field (Cybersecurity training or experience is advantageous)
    • 3-6 years of experience in a Senior (or above) level role within Security software engineering
    • 15+ years of overall software development experience
      Required Experience
      • 5+ years of proven experience in containers technologies, microservices, and DevOps practices
      • Expert on monolithic to secure by design microservices with an eye towards practical migrations and attack surface analysis
      • Expert in service-to-service (API) communication security and monitoring
      • Security - holistic - Experience with security engineering concepts and practices including system and network security, authentication, protocols, cryptography, DB, and application security in regulated environments
      • Enterprise-level expertise in securing the development and delivery of complex distributed computing environments
        • Mastery of basic security concepts such as authentication, authorization (IAM), DevSecOps, Infrastructure as Code, and Microservices/Containers
        • Deep network understanding including protocols, debugging, layers, security, intrusion detection, log analysis, and network scanning
        • Understand the OSI model and the relationship between layers
        • Hybrid networking concepts (Cloud/On-Prem/On-Wing)
        • Secure design of API's, queuing/messaging
        • Securing Kubernetes
        • Design experience with implementing Digital Rights Management (DRM) tools and key/secrets management
        • Experience with decentralized access control in complex distributed environments
        • UNIX/Linux or embedded operating systems using C/C++
        • Experience troubleshooting & root cause analysis of software and hardware security issues
        • Experience with formal Engineering Requirements documentation and processes
          Desired Experience
          • Understanding of embedded circuit design and PCB schematics, particularly with ARM/x86 processors
          • Board-level security concepts and design
          • Understanding of Platform as a Service (PaaS) concepts and how to construct secure compute platforms from physical hardware all the way up the stack. This includes the ability to assess/evaluate and utilize primitives in a constrained environment.
          • Experience integrating automated security tests into CI/CD
          • Skilled at designing high availability platforms with quick recovery objectives
          • Adept at implementing internal tools to support development and troubleshooting for the entire stack
          • Linux kernel expertise - can design and abstract/isolate/control low-level calls via wrapper/abstraction and create custom Linux distributions leveraging Yocto.
          • Understanding of Video/Media content, playback, delivery, and streaming including DRM as well as an understanding of distributed file sharing concepts like BitTorrent
            Experiences with any of the following languages, technologies, and/or techniques would be advantageous:
            • Low-level kernel/driver knowledge of Linux 4.x and 5.x
            • MQTT, IPC, RPC, sockets, and/or audio/video players.
            • Highly available, fault-tolerant, distributed, or clustered systems development
            • ARINC 429 (data transfer) and RS-485/422.
            • Understanding of bus design: I2C, PCIe, SPI, MDIO, CAN, etc.
            • Experience with various security/cryptography concepts such as PKI, SSL, and TLS with respect to embedded devices
            • Windows using C/C++/C#, .Net, web programming, JavaScript, ASP, SQL, Node, Go and functional compute like AWS Lambda
            • Mobile application communications development and loosely coupled designs
            • Understanding of containers and virtual machines using Docker Swarm, Kubernetes, or other control planes and compute primitives
            • Experience refactoring/rearchitecting monolithic solutions into distributed microservices, containerized or serverless with heavy API design and implementation strategies
              The starting pay range for this position is $148,000 - $197,000, however, base pay offered may vary depending on skills, experience, job-related knowledge and location.

Keywords: Safran, Fullerton , Principal Software Engineer (Security), IT / Software / Systems , Brea, California

Click here to apply!

Didn't find what you're looking for? Search again!

I'm looking for
in category

Log In or Create An Account

Get the latest California jobs by following @recnetCA on Twitter!

Fullerton RSS job feeds