Rapiscan Systems is an industry leader in detection technology, providing cargo and vehicle inspection systems and services for ports, borders, military, high-threat facilities, and checkpoints to help customers combat terrorism, drug smuggling, illegal immigration, and trade fraud. We offer a broad array of scanning system configurations that leverage low-, medium-, and high-energy X-ray technology—or multiple X-ray technologies—to address each customer’s unique security application requirements. Our commitment to excellence in imaging performance, innovative design, and uncompromising quality ensures our solutions consistently deliver best-in-class imaging, high reliability, and operator satisfaction, to help customers find threats and contraband with ease and confidence.
The Senior Cyber Security Engineer is responsible for leading the operations of the cyber security testing lab. S/he collaborates closely with R&D and QA/RA. In addition to local security responsibilities, this position is part of a larger corporate cyber security team for OSI Systems.
- Own the effort to assess and define the cyber security design requirements for border protection and transportation security products. Perform this work from within a standardized security framework.
- Analyze, report on and assist in management of security-related risks, including reporting on outcomes and proposing further security improvements.
- Help with the constant process of educating product design staff and organization stakeholders on cyber security and how it affects the product design and support efforts
- Own the process of defining innovative solutions to secure and support networked products that are used in highly diverse settings over long install periods.
- Participate in and assist with development or product test protocols. These protocols should allow for efficient assessment of product vulnerabilities, and include work with engineering and provide recommendations of remediation alternatives.
- Work with product engineering teams to help them understand cyber security test results and identify remediation techniques that could be employed to address the findings
- Lead efforts to assess the vulnerability of products to new and emergent threats. Efforts must identify root cause and identify remediation strategies as needed. Work to develop communications from those assessments that will inform internal engineering, service and external customers.
- Proactively support use of standardized processes. Prepare and document standard operating procedures and protocols to help ensure the security of our products as they are designed, developed, supported, and used.
- Duties may be modified or assigned at any time to meet the needs of the business.
- Bachelor’s degree in Computer Science, Information Security, Engineering, or related field
- Cybersecurity certifications such as Security+, CISSP, CCNA Security, or GIAC (GICSP) are desirable.
- Proven experience in information technology with a focus in security.
- Experience in supporting product design efforts and leading cyber security design efforts that are based on holistic industry security standards
- Familiarity with security standards and frameworks including NIST 800-53, NIST CSF, NIST 800-171, and/or ISO 27001, and/or US government ATO processes.
- Demonstrated experience leading efforts to define and capture the architectural and technical product design specifications at the network, as well as application, and database/data store level of the product and the business eco system it operates within.
- Experience performing vulnerability testing of systems and software
- Experience performing Threat, Exploit, and Vulnerability analysis of products and systems
- Experience working in a highly regulated environment is desirable. Experience working with transportation security and/or international governments is a plus.
- Knowledge and experience with industrial systems and Internet of Things (IoT) is desirable
- Detailed technical knowledge of operating system and network security in physical, virtual and cloud-based (AWS) implementations is required.
- Experience with embedded Windows/Linux, mobile, and RTOS operating systems
- Hands-on experience in security systems, including endpoint security, vulnerability management, network security technologies such as firewalls and IPS/IPS, wireless network security, authentication systems, log management, and encryption
- Experience with application and database security design is required
- Experience with governance and risk management for vulnerabilities identified during cyber security testing operations is expected
- Proven ability to lead a project from start to finish from the technical side
- Experience writing engineering design specifications.
- Capability to clearly communicate information security concepts and risks
- Able to reliably complete assignments with limited supervision, and to help lead the actions of others to accomplish complex or extended work assignments.
- Experience performing Project Management responsibilities to plan and track execution of assigned workload
- Experience or awareness with industrial control systems and/or the implementation of cyber security in operational technology (OT) environments is desirable.
- Experience working in a global environment across multiple time zones.
- May involve some international travel
- Must be capable of passing security background clearance investigation
