Cyber Security System Engineer

Aversan Inc. (www.aversan.com) is a trusted multi-service engineering and electronics manufacturing company. Aversan delivers leading-edge and reliable safety-critical electronics and software systems to the aerospace, defence, and space industries.

We are currently seeking a qualified Cyber Security System Engineer to join our team. The Cyber Security System Engineer involves defining security requirements, overseeing accreditation processes, and mentoring security teams in complex government and defense projects.

Location: Brampton, ON
Job Type: Hybrid

Responsibilities

• Function as the overall Technical Authority for all security engineering activities involved in the Robotics and Space Operations products/projects.
• Provide consulting on the overall system architectures and operations concepts from a security perspective.
• Develop and maintain all security related system artefacts (e.g. specifications, ICDs, profiles, test documents, etc) from the customer level down to the major subsystem level.
• Derive security requirements, designs, solutions and mechanisms in response to customer requirements or industry standards.
• Develop and lead all security acceptance and accreditation programs for systems.
• Support engineering program delivery through the development and generation of security related artefacts such as engineering plans, engineering budgets, design reports, and operational concepts.
• Review of design material provided by Subcontractors to ensure compliance to requirements.
• Oversee the verification plans for security related aspects of the product/system.
• Support cost estimates and presentations to both customers and senior management as necessary.
• Responsible for ensuring Secure Software Development Lifecycle best practices are applied and measured.
• Participate in Product Security Incident Response Team (PSIRT).
   

Basic Qualifications

• A University degree in Engineering, Computer Science, or related field from an accredited institution is required.
• 10-15 years of security systems engineering experience.
• Certified Information System Security Professional (CISSP).
• Experience in the following areas: Cloud Computing, Network Defense principles and practice, Identity & Privileged Access Management, Information Security, Cross Domain Solutions, Vulnerability Management and Threat Risk Assessment.
• Experience implementing and operating technologies in the SSDLC, including manual code reviews, SAST, DAST, IAST, RASP.
• Experience Threat and Risk Assessment using HTRA1 methodology.
• Experience in the delivery and accreditation of systems/services against NIST SP800-53.
• Excellent verbal and written communications and customer interaction skills.
• Excellent interpersonal skills, problem solving abilities and project execution strengths.