Security Engineer

Description

At SEMCON, we are dedicated to supporting the Federal Aviation Administration (FAA) by providing top-tier technical, managerial, and professional resources to meet their needs. Our team is made up of talented individuals who contribute to a collaborative, dynamic work environment.

We believe in fostering a culture that focuses on career growth, enriching experiences, and collaboration. At SEMCON, we work together to create an environment where everyone thrives, and our collective success is greater than the sum of our parts.

We’re looking for a Security Engineer to join our team at the William J. Hughes Technical Center to support the Voice Switching and Recording (VS&R) program. This role will involve performing security assessments and implementing security controls on a range of systems and technologies.

Requirements

The Security Engineer should be proficient in Linux and will focus on Security Assessments and Security Implementation and experience should include all or a combination of the following :

 Linux System Administration: (High Priority - Must have)

• Proficient Linux experience (comfortable on the terminal, writing bash scripts, configuring packages and servers)
• Hands-on working knowledge of Linux OS system structure and configuration (e.g. directory structure, device files, network configuration, file management)
• Proficient using automation tools such as Ansible, Docker, Jenkins, etc.

System Networking: (Essential)

• Hands-on experience of networking, including network design, VLAN/subnetting, configuring managed routers/switches
• Knowledge of network protocol interactions
• Ability to coordinate IP address/subnet requests and firewall rule requests using tables and spreadsheets

System Security: (Essential)

• Experience performing hands-on port scanning & vulnerability scanning, including remediating, at the technical level, each finding in the scans, including proving false failures (why a scan result may be invalid)
• Working knowledge of security standards, e.g. NIST 800-53, HSPD-23, ISO 27001
• Experience performing penetration testing to verify new security controls are effective.
• Familiarity using cryptographic protocols (asymmetric/symmetric ciphers, hashing, key exchange)
• From a system acquisition perspective, experience documenting security requirements for Statements of Work (SOWs), Contract Data Requirements Lists (CDRLs), and Data Item Descriptions (DIDs)

Communication & Project Management: (Essential)

• Strong logic/reasoning skills (e.g., can understand/analyze requirements, and identify logical gaps)
• Experience conducting and participating in technical interchange meetings
• Strong, clear verbal and written communication skills
• Software/Programming skills: (Last Priority)

Software Development: (Important)

• Proficient in two or more of: C/C , Python, Golang, Rust
• Usage of version control software (e.g., Git)
• Knowledge of software design patterns and anti-patterns
• Comfortable with common software data structures and algorithms

As a plus: Familiarity with embedded Linux system design and implementation, including performance optimization 

A Bachelor's Degree in Computer Science, Engineering, or related discipline and at least 6-15 years of experience is preferred.

SEMCON will offers a competitive salary and complete benefits package which includes health benefits (medical, dental, vision, and life), 401K with a generous employer match, paid time off, and paid holidays. Some hybrid/telework may be available for candidates with a long commuting distance from the facility in Egg Harbor Township, NJ, however a regular on-site presence is also required.

Applicants must be authorized to work for ANY employer in the U.S. We are unable to sponsor or take over sponsorship of an employment Visa at this time.  This is an in-person position with a requirement to work on site 5 days per week.