What are the responsibilities and job description for the Sr Cybersecurity Engineer position at Control Insights LLC?
Overview
S2 Global, an OSI Systems Company is seeking a Senior Cybersecurity Engineer to work in its Torrance, CA location. This is an onsiite role.
S2 Global is the leading provider of security screening solutions and has extensive experience in program assessment, technology deployment, operation management, image analysis and maintenance services at major events, ports, land borders and air cargo facilities. Focused on Operations, Integration and Training, S2 Global’s solutions ensure that customers have the advanced technologies and sophisticated techniques to significantly increase their screening capabilities.
S2 Global is seeking a hands-on Senior Cybersecurity Engineer for support of their border protection and transportation security products. The successful candidate must have experience in analyzing, defining, and documenting cyber security requirements for government or commercial products based on a standards-based approach. They must have excellent communication skills and can be trusted to develop or lead efforts to develop design documentation. They must be trusted to reliably complete a wide range of assignments with very little supervision, and to proactively communicate on the progress of work (or issues encountered). They must have good attention to detail, and the ability to organize and coordinate the completion of multiple concurrent actions.
Responsibilities
The specific programs and options available to any given employee may vary depending on eligibility factors such as geographic location and date of hire. Please note that the salary information shown above is a general guideline only. Salaries are based upon candidate experience and qualifications, as well as market and business considerations.
NOTICE TO THIRD PARTY AGENCIES
OSI Systems, Inc. and its subsidiaries (collectively “OSI”) does not accept unsolicited resumes from recruiters or employment agencies. If any person or entity, including a recruiter or agency, submits any information, including any resume or information regarding any potential candidate, without a signed agreement in place with OSI, OSI explicitly reserves the right to use such information, and pursue and/or hire such candidates, without any financial obligation to the person, recruiter or agency. Any unsolicited information or resumes, including those submitted directly to hiring managers, are considered and deemed to be the property of OSI.
Equal Opportunity Employer - Disability and Veteran
Know Your Rights
Poster Link
https://www.eeoc.gov/sites/default/files/2023-06/22-088_EEOC_KnowYourRights6.12ScreenRdr.pdf
OSI Systems, Inc. has three operating divisions: (a) Security, providing security and inspection systems, turnkey security screening solutions and related services; (b) Healthcare, providing patient monitoring, diagnostic cardiology and anesthesia systems; and (c) Optoelectronics and Manufacturing, providing specialized electronic components and electronic manufacturing services for original equipment manufacturers with applications in the defense, aerospace, medical and industrial markets, among others.
S2 Global, an OSI Systems Company is seeking a Senior Cybersecurity Engineer to work in its Torrance, CA location. This is an onsiite role.
S2 Global is the leading provider of security screening solutions and has extensive experience in program assessment, technology deployment, operation management, image analysis and maintenance services at major events, ports, land borders and air cargo facilities. Focused on Operations, Integration and Training, S2 Global’s solutions ensure that customers have the advanced technologies and sophisticated techniques to significantly increase their screening capabilities.
S2 Global is seeking a hands-on Senior Cybersecurity Engineer for support of their border protection and transportation security products. The successful candidate must have experience in analyzing, defining, and documenting cyber security requirements for government or commercial products based on a standards-based approach. They must have excellent communication skills and can be trusted to develop or lead efforts to develop design documentation. They must be trusted to reliably complete a wide range of assignments with very little supervision, and to proactively communicate on the progress of work (or issues encountered). They must have good attention to detail, and the ability to organize and coordinate the completion of multiple concurrent actions.
Responsibilities
- Own the effort to assess and define the cybersecurity design requirements for the S2 Global CertScan Integration Platform and associated hardware/software. Perform this work from within a standardized security framework.
- Help with the constant process of educating product design staff and organization stakeholders on cybersecurity and how it affects the product design and support efforts
- Own the process of defining and documenting innovative solutions to secure and support networked products that are used in highly diverse settings over long install periods.
- Analyze, report and assist in the management of security-related risks, including reporting on corrective action plans, risk registers, assessment results and proposing further security improvements.
- Participate in and assist with development or product test protocols. These protocols should allow for efficient assessment of product vulnerabilities and include work with engineering and provide recommendations of remediation alternatives.
- Work with product engineering teams to help them understand cybersecurity test results and identify remediation techniques that could be employed to address the findings.
- Lead efforts to assess the vulnerability of products to new and emergent threats. Efforts must identify root cause and identify remediation strategies as needed. Support communications from those assessments that will inform internal engineering, service and external customers.
- Proactively support use of standardized processes. Prepare and document standard operating procedures and protocols to help ensure the security of S2 Global products as they are designed, developed, supported, and used.
- Uphold the company’s core values of Integrity, Innovation, Accountability, and Teamwork.
- Demonstrate behavior consistent with the company’s Code of Ethics and Conduct.
- It is the responsibility of every employee to report to their manager or a member of senior management any quality problems or defects for corrective action to be implemented and to avoid recurrence of the problem.
- Duties may be modified or assigned at any time to meet the needs of the business.
- Bachelor of Science (BS) in Cybersecurity, Information Technology, Computer Science or related field.
- 10-15 years of work experience in information technology with a focus on security.
- Required to obtain or transfer US federal background check /clearance, drug screening, and meet requirements for access to US government facilities and/or government IT networks; terms of federal contracts require US citizenship.
- Cybersecurity certifications such as CISSP, CISM, Security , CCNA Security, GIAC or equivalent certification required.
- Must have demonstrated familiarity with security standards and frameworks including: NIST 800-53, NIST CSF, NIST 800-171, IEC 80001, CMMC, GDPR, NIS2, FED-ramp or ISO 27001, and/or US government ATO processes such as Risk Management Framework (RMF).
- Experience assessing security controls and reporting findings.
- Experience with implementing and assessing Security Technical Implementation Guides (STIGs).
- Experience performing Project Management responsibilities to plan and track execution of assigned workload to include project charters, work breakdown structure (WBS), and project status reporting.
- Experience in supporting product design efforts and leading cybersecurity design efforts that are based on holistic industry security standards.
- Experience in vetting suppliers and vendors, and/or third-party risk management, or supply chain risk management.
- Proven ability to lead a cybersecurity project from start to finish.
- Experience writing Cybersecurity procedures, policies, SOPs, and engineering design specifications.
- Demonstrated experience leading efforts to define and capture the architectural and technical product design specifications at the network, as well as application, and database/data store level of the product and the business eco system it operates within.
- Experience working in the design of highly regulated industries is highly desirable.
- Experience performing vulnerability testing of systems and software.
- Experience performing Threat, Exploit, and Vulnerability analysis of products and systems.
- Knowledge and experience with industrial systems and Internet of Things (IoT) is desirable.
- Detailed technical knowledge of operating system and network security in physical, virtual and cloud-based (AWS) implementations is required.
- Experience with embedded Windows/Linux, mobile, and RTOS operating systems.
- Hands-on experience in security systems, including endpoint security, vulnerability management, network security technologies such as firewalls and IDS/IPS, wireless network security, authentication systems, log management, and encryption.
- Experience with application and database security design is required.
- Experience with governance and risk management for vulnerabilities identified during cybersecurity testing operations is expected.
- Capability to clearly communicate information security concepts and risks.
- Good verbal and written communication skills in English
- Demonstrated ability to work as part of a team.
- Able to reliably complete assignments with limited supervision, and to help lead the actions of others to accomplish complex or extended work assignments.
- Experience working in a global environment across multiple time zones.
- Previous DoD contractor or ISSM experience.
The specific programs and options available to any given employee may vary depending on eligibility factors such as geographic location and date of hire. Please note that the salary information shown above is a general guideline only. Salaries are based upon candidate experience and qualifications, as well as market and business considerations.
NOTICE TO THIRD PARTY AGENCIES
OSI Systems, Inc. and its subsidiaries (collectively “OSI”) does not accept unsolicited resumes from recruiters or employment agencies. If any person or entity, including a recruiter or agency, submits any information, including any resume or information regarding any potential candidate, without a signed agreement in place with OSI, OSI explicitly reserves the right to use such information, and pursue and/or hire such candidates, without any financial obligation to the person, recruiter or agency. Any unsolicited information or resumes, including those submitted directly to hiring managers, are considered and deemed to be the property of OSI.
Equal Opportunity Employer - Disability and Veteran
Know Your Rights
Poster Link
https://www.eeoc.gov/sites/default/files/2023-06/22-088_EEOC_KnowYourRights6.12ScreenRdr.pdf
OSI Systems, Inc. has three operating divisions: (a) Security, providing security and inspection systems, turnkey security screening solutions and related services; (b) Healthcare, providing patient monitoring, diagnostic cardiology and anesthesia systems; and (c) Optoelectronics and Manufacturing, providing specialized electronic components and electronic manufacturing services for original equipment manufacturers with applications in the defense, aerospace, medical and industrial markets, among others.
