BackBack to menu

Forgotten password

Enter your email address. We'll send you a link to reset your password
BackBack
BackBack

Saved! Click to view all your saved jobs

You can also email this job...

BackBack

Share this job

BackBack

Apply for this job

Clicking GO will take you to another web site
You'll continue your application for the job there
BackBack

Register your CV to Apply

BackBack to apply

Choose a CV

We accept DOC, DOCX, PDF, RTF, TXT
Type or paste your CV

Now add this CV

BackBack to apply
BackBack
BackBack to apply

Login to apply

BackBack to login

Forgotten password

Enter your email address. We'll send you a link to reset your password
BackBack to apply

Tell us where you live

Tell us where you live
(Type, then select from options provided)
BackBack to apply

Which locations are you happy to work in?

BackBack to apply

Choose up to 3 sectors

BackBack to apply

Choose any or all job types

BackBack to apply

Choose up to 3 licence types

BackBack to apply

Choose up to 5 type ratings

Sr Staff Product Security Leader

  • GE Aviation - 274 jobs
  • https://www.jobsinaviation.com/Images/Default/recruiters/Thumbnail/ccc13e36-a3be-4aac-9ef6-88f587f249eb131129807088665247.png

Cheltenham, Gloucestershire, England


Role Summary:
The Sr. Staff Product Security Leader will collaborate with development teams around the world to drive threat modeling exercises, lead security-focused architecture and code reviews, oversee security tests, and validate security designs across numerous Aviation products. You will be a developer security evangelist and will provide thought leadership & help guide developers in secure coding practices.
Essential Responsibilities:
In this role, you will: 
  • Coach product development teams on secure design principles, development practices, and application hardening. 
  • Perform Threat Modeling and Architecture Risk Analysis on products. 
  • Perform Security Code Reviews, Vulnerability Analysis and research on application code. 
  • Coach and mentor developers to write and implement cryptography (PKI, Code Signing, etc) 
  • Guide developers to write secure code and implement secure engineering practices.
    Provide response for security related incidents
    Engage subject matter experts in successful transfer of complex domain knowledge 
  • Provide guidance and advise on writing secure code that meets standards and delivers desired functionality using the technology selected for the project. 
  • Audit and exploit applications and systems under development to expose vulnerabilities, and demonstrate possible fixes. 
  • Analyze and validate completed security improvements and CVE patches.

Qualifications/Requirements:
  • Bachelor's Degree in Computer Engineering or in a STEM major (Science, Technology, Engineering, or Math)  
  • Substantial post graduate experience in cyber security

Eligibility Requirements
  • Applications from job seekers who require sponsorship to work in the UK are welcome and will be considered alongside all other applications. However, non-EU/EEA candidates may not be appointed to a post if a suitably qualified, experienced and skilled EU/EEA candidate is available to take up the post, as the employing body is unlikely, in these circumstances, to satisfy the Resident Labour Market Test. For further information please visit the UK Border Agency website http:// Applyba.homeoffice. Apply/visas-immigration/working

  • Baseline Personnel Security Standard (BPSS) clearance is required and must be maintained for this role. Please note that in the event that BPSS clearance cannot be obtained, you may not be eligible for the role and/or any offer of employment may be withdrawn on grounds of national security. Please see the link below for further details regarding the requirements for BPSS clearance
    https:// Apply/government/uploads/system/uploads/attachment_data/file/61212/hmg-personnel-security-controls.pdf

  • UK Security Clearance (SC) is required and must be maintained for this role.
    Candidates who do not meet the minimum requirements for UK Security Clearance are not eligible for this role on grounds of national security. If UK Security Clearance is not obtained, any offer of employment may be withdrawn on grounds of national security.

Desired Characteristics:
  • Highly skilled security Engineer who enjoys security work and collaborating with product managers and developers to drive the successful adoption of innovative methods in developing secure applications. 
  • Proficiency in at least one programming language (Java, Node.JS, Python, or C/C++) 
  • Experience conducting static code reviews and applying security auditing and/or penetration testing principles and tools. 
  • Working knowledge of OWASP Web/API vulnerabilities (CSRF, XSS, SQLI, etc.) and compensating controls. 
  • Experience securing applications within cloud platforms suchas AWS, Azure, CloudFoundry, etc 
  • Knowledge of secure architecture and design principles 
  • Knowledge of Risk Controls frameworks and procedures (NIST800-53, DFARS, etc.). 
  • Knowledge of API security architecture common authentication technologies (OAuth2, Spring Security, HMAC, WS-Security, WS-Trust, or XACML)preferred. 
  • Solid understanding of computer architecture, especially the hardware components, Software stack and protocols. 
  • Experience in security technologies like TXT, TPM, TrustZone etc. 
  • This could overlap with experience in embedded systems. 
  • Solid understanding of applied cryptography fundamentals (Encryption, Authentication, Symmetric Cryptography, Asymmetric Cryptography etc)

#AVICyberJob
About Us:
At GE Aviation , we are imagination at work. Whether we're manufacturing components for our GEnx engines or driving innovation in fuel and noise reduction, the GE Aviation teams are dedicated to turning imaginative ideas into advances in aviation that solve some of the world's toughest problems. Join us and you'll find yourself in a dynamic environment w
Pay
N/A
Hours
Full time
Type
Contract
Rating
N/A
Licence
N/A

Posted 29 Jan 2020

Closes 27 Feb 2020

Ref: 3427539

This job was posted to: Airport security

Receive jobs like this by email

Related jobs

Lead Special Programs Security Specialist

Evendale, Ohio, United States
GE Aviation

Lead Special Programs Security Specialist

Evendale, Ohio, United States
GE Aviation

Group Information Security Manager

Cape Town, Western Cape, South Africa
Lufthansa

Sr Staff Cyber Security Architect

Cincinnati, Indiana, United States
GE Aviation

Industrial Security Specialist

Evendale, Ohio, United States
GE Aviation

Product Security Specialist - Application Security

Cincinnati, Indiana, United States
GE Aviation

Sr Cyber Security Architect - Application Security

Cincinnati, Indiana, United States
GE Aviation

Sr Staff Cyber Security Architect

Cincinnati, Indiana, United States
GE Aviation

Information Security & Privacy Compliance Analyst

Boston Corner, Indiana, United States
GE Aviation

Senior Security Officer Required

United Arab Emirates
Excel Technical Consulting

Senior Cyber Security Architect

Eastleigh, Hampshire, England
GE Aviation