Cybersecurity Application Engineer
Axiom Space · Houston, TX · 3 days ago
Information TechnologyFull-time
Key Duties & Responsibilities
- Secure Software Design & Integration
- Design and integrate secure communications protocols and mechanisms into software applications, ensuring confidentiality, integrity, and availability of data.
- Embed security controls at the application level, including authentication, authorization, input validation, and encryption, tailored to aerospace requirements.
- Threat Modeling & Risk Assessment
- Perform comprehensive threat modeling to identify potential risks and attack vectors in software systems.
- Conduct risk assessments and vulnerability analysis to evaluate and mitigate security weaknesses throughout the development lifecycle.
- Security Automation & DevOps Collaboration
- Collaborate with DevOps teams to seamlessly integrate security automation tools within CI/CD pipelines, enabling continuous security validation and rapid response to vulnerabilities.
- Champion secure coding practices and foster a culture of security awareness across development and operations teams.
- Application Security Testing
- Conduct code reviews, static and dynamic analysis, and penetration testing of aerospace applications to uncover and remediate security flaws.
- Document findings and recommend solutions to enhance the security posture of software products.
- Incident Response & Forensics
- Contribute to incident response activities by investigating and analyzing application-level attacks.
- Support forensic investigations to determine root causes, impact, and remediation strategies following security incidents.
Qualifications
- Education & Experience
- Bachelor’s Degree in Cybersecurity, Computer Science, or Computer Engineering is required.
- 7+ years of relevant experience in cybersecurity or related fields is expected.
- Demonstrated success in secure software development, particularly within aerospace or other regulated industries.
- Proven ability to deliver high-quality results under tight deadlines, even in ambiguous or fast-moving environments.
- History of proactive problem-solving and applying sound judgment to overcome complex challenges.
- Technical Skills and Knowledge
- Familiarity with industry standards and frameworks such as FISMA, CMMC, NIST, AES, FIPS 140-2/3, etc.
- Proficiency in security tools, including static and dynamic analysis platforms, penetration testing suites, and automation frameworks for security testing.
- Strong understanding of application security principles, cryptography, and secure coding standards.
- Experience with systems programming languages such as C, C++, Rust, or similar.
- Knowledge of hardware security modules and cryptographic key management practices.
- Relevant certifications are highly valued and may include CISSP, CEH, GWEB, OSCP, or CSSLP.
- Excellent communication and teamwork abilities are essential for collaborating across multidisciplinary teams and effectively conveying complex security concepts.
- Ability to adapt and thrive in dynamic environments, contributing positively to organizational goals.