Spirit AeroSystems designs and builds aerostructures for both commercial and defense customers. With headquarters in Wichita, Kansas, Spirit operates sites in the U.S., U.K., France and Malaysia. The company’s core products include fuselages, pylons, nacelles and wing components for the world’s premier aircraft. Spirit AeroSystems focuses on affordable, innovative composite and aluminum manufacturing solutions to support customers around the globe.
Integrates new architectural features into existing infrastructures, designs cyber security architectural artifacts, provides architectural analysis of cyber security features and relates existing system to future needs and trends, embeds advanced forensic tools and techniques for attack reconstruction, provides engineering recommendations, and resolves integration and testing issues. May interface with external entities including law enforcement, intelligence and other government organizations and agencies
Skills & Experience
- US Citizenship Required
- Ability to obtain and maintain DOD clearance
- Broad experience in general security controls such as end point security, cryptography, PKI, directory services, IPSec, etc.
- Knowledge in Incident Management best practices
- Knowledge with the Software Development Life Cycle
- Experience with security technologies and methods as they apply in a business environment
- Bachelor’s degree in computer technology, information management or related field required with a minimum of 5 years IT related Security experience
- Major certification such as: CISSP, CISM, CISA, CCSP, SANS, GIAC or comparable certification
- Certified Ethical Hacker certification preferred
- Experience working with IP based networking protocols, firewalls, IPS/IDS, SEIM, general application and database security, and operating system internals and security control mechanisms
- Broad experience in information technologies, such as programming languages, computer hardware, testing methodologies, databases, and system design
- Experience in cyber security with the ability to assess current vulnerabilities and threats and the development of controls, remediation & countermeasures
- Experience in performing network vulnerability scanning, penetration testing, security event log collection, cyber threat analysis, and reporting
- Experience in managing security risks related to third parties and vendors
- Knowledge of commonly accepted industry standards and best practices relating to security, including ISO 27002/27005, ITIL, CMM, NIST publications and other best practices
- Past experience designing, building and integrating security technologies such as Security Event Management, encryption products, data protection or data leakage, GRC tools, identity management, VPNs, etc.
- Experience hardening operating systems (examples: NT, W2K, LINUX, UNIX)
- Experience using Foundstone, Nessus, FireEye, Metasploit, WireShark, or Nmap
Spirit AeroSystems is an equal opportunity employer and considers qualified applicants for employment without regard to race, color, creed, religion, national origin, sex, sexual orientation, gender identity and expression, marital or civil partnership status, pregnancy, age, disability, veteran status or any other protected factor under federal, state or local law.