Cybersecurity Specialist

The Cybersecurity Specialist (Aerospace) will be part of a global team of security experts driving ‘Security by Design’ philosophy in Eaton product and solutions. This position will coordinate, advocate, and lead the cybersecurity activities across various product groups within the Aerospace Division. This is a hybrid work schedule that will be based out of our Moon Township, PA location with up to 10% travel. Relocation assistance offered.
ESSENTIAL FUNCTIONS:
•    Lead Engineer will be the Cybersecurity technical leader for driving Secure Product Development processes across various Aerospace division product portfolio.
•    Works directly with Eaton Product Cybersecurity CoE to help define hardware/software cybersecurity requirements for Products in Aerospace division.  
•    Works directly with the Product Cybersecurity COE in coordinating /planning the Vulnerability Assessment & Penetration Testing of the existing and upcoming Eaton Cyber Physical products and solutions spanning a wide range of technologies including Aero-grade Microprocessors / Silicon components, FPGAs, Avionics, IoT devices, systems & solutions, Cloud Infrastructure  Web applications, mobile applications, thick clients, wireless devices, embedded systems deployed within Aviation product context. 
•    Drives Threat Modeling and Risk Assessment exercise with product teams early in the design and throughout the entirety of the development lifecycle to identify applicable cybersecurity requirements, in consultation with the experts within the Product Cybersecurity COE.
•    Providing hands-on guidance to the product teams as they implement complex cybersecurity features and requirements in their products by creating the Cybersecurity concepts.
•    Works closely with the Product Cybersecurity COE to build / deploy & maintain security tools and security automation frameworks to drive efficiency & effectiveness of the Cybersecurity work package delivery across various projects for the Aerospace group.
•    Supports the DevSecOps teams with automation of cybersecurity best practices.
•    Evangelizing and providing technical security trainings to the Technical Leaders, Cybersecurity Engineers, software developers and test engineers across the organization and evangelizing the importance of cybersecurity in other functions like product / project management & sales /services.
•    Works with the marketing function at division / sector / corporate level to build marketing collateral to amplify and build competitive advantage for Eaton products around ‘Secure-by-design’ & Cybersecurity certification. 
•    Monitoring evolving threat landscape, cybersecurity technologies, standards, frameworks within Aerospace industry and drive continuous improvement in Eaton’s cybersecurity requirements, frameworks and processes to comply / address / respond to the constantly evolving external landscape
•    Participates & represents Eaton in the Cybersecurity standardization bodies  and maintains a Professional qualifications and credentials as a thought leader in the area of Cybersecurity of Critical Infrastructures.    

Basic Qualifications:
-Bachelor’s or master’s degree in Electrical Engineering, Electronics Engineering, Avionics, or Computer Science.
-Minimum 8 years of experience in Product cybersecurity within Critical Infrastructure & Cyber Physical Systems Security, or Aerospace security.
-You must be a U.S. citizen to be eligible and considered for this position pursuant to applicable U.S. Federal Government contract requirements.
-Candidate must be eligible to obtain and maintain a U.S. Government security clearance (Secret or higher) as required by applicable US government regulations (ITAR, EAR or equivalent national regulations) to the program assignments.
-Eaton will not consider applicants for employment immigration sponsorship or support for this position. This means that Eaton will not support any CPT, OPT, or STEM OPT plans, F-1 to H-1B, H-1B cap registration, O-1, E-3, TN status, I-485 job portability, etc.
-This position requires access to export-controlled information. To conform to U.S. Government export regulations applicable to that information, applicant must be a U.S. person, defined as a (i) U.S. citizen or national, (ii) U.S. lawful, permanent resident (green card holder), (iii) refugee under 8 U.S.C. § 1157, or (iv) asylee under 8 U.S.C. § 1158.

Preferred Qualifications
-Demonstrate a functional knowledge of the various communications technologies used in Avionics, both within the Aircraft & the IT and the OT technologies used in Aviation Industry.
-Demonstrate a functional understanding of DO-326A, DO-356A standards and various Federal and Industry regulations emerging in the area of Aerospace security.
-Familiarity with NIST 800 53 / 800 171, CMMC, or defense cybersecurity compliance frameworks.
-Experience applying security controls to model based verification and validation (V&V) activities, including simulation, Hardware in the Loop (HIL), Software in the Loop (SIL), and Model in the Loop (MIL) testing
-5+ years of relevant experience in Product cybersecurity, preferably in the area of engineering, program and portfolio management, risk management, preferably within Critical Infrastructure & Cyber Physical Systems Security, Aerospace security.
-Prior experience supporting Defense, Aerospace, or Government programs requiring security clearance or export-controlled data.
-Must be able to clearly understand & articulate security requirements related to each of IT, OT, IoT, and IIoT.
-Demonstrate functional understanding of threat modeling, deployment modeling, and how they can affect vulnerability assessments.
-Demonstrate a functional understanding of the Secure Product Development Lifecycle.
-Experience performing Threat Modeling of products, systems, and solutions AND Penetration Testing of various technologies with focus on Hardware components, Avionics components, on-board communication protocols (ARINC 429, 825 etc.). 
-Understand and reviewing the security features and datasheet of various chipsets used in the aerospace and recommend right chipsets for our products.
-Perform architectural reviews of the hardware designs that impact hardware root of trust, bootloader, secure boot, certificate/key storage etc. on various platforms.
-Demonstrate a functional understanding of cryptography (PKI, Key Management, Digital Certificates etc.) and security protocols.
-Demonstrate a functional understanding of Secure Code development practices.
-Understanding of how model based development intersects with Secure Product Development Lifecycle (SPDL), DevSecOps, and Aerospace certification requirements.
-Experience with integrating Security requirements & test scenarios into Model-based SW Engineering practices across the product lifecycle.

•    Significant experience in Hardware, applications security, avionics security and systems security 
•    Secure Software Development Lifecycle experience
•    Interest and experience in all aspects of computer and network security. From requirements gathering, designing, development, testing, user experience to operations.
•    Experience designing security solutions for Aerospace.
•    Understanding of security software solutions (IPS, Firewall, application firewalls, device security, encryption, etc.)

#LI-ML1