Information Security Engineer

Maxar's Engineering Security team is looking to add anInformation Security Engineerto harden and defend our systems against continuous security threats. We are a growing security team that implements engineering design and security best practices under regulated frameworks (NIST, ISO27001, CIS). This role will require you to work collaboratively across multiple functional engineering teams managing the services, operations, reliability, and performance of Maxar applications.

Life with Us

Project:We are a multi-faceted team of cyber and compliance engineers working towards setting engineering and security best practices for Maxar software organizations. This role will require you to work collaboratively across multiple functional engineering teams to perform technical planning, coordination, and execution of cyber requirements against multiple product lines.

Your Career:We'revery serious about professional development and continuing education. We offer everyone the opportunity to define their own career trajectory. Our group has some amazing resources at its disposal specifically for this purpose. You will work with your direct supervisor and/or a mentor to set appropriate goals and design a plan to help you make consistent progress.

We offer:

• Dedicated professional development time.

• Peer groups.

• Education reimbursement.

• Student loan forgiveness.

• and much more...

Key Responsibilities:

• Align security work to product roadmaps and ensure security readiness towards products in your domain.

• Contribute to vulnerability management function

• Assess product technologiesand provide input onarchitecture and designs to better align with security best practices and regulated standards.

• Define security related system specification requirements against industry standards.

• Inventory and organize hardware and software data to inform operational decisions or activities.

• Supporting audit activities of systems and software for government approval.

• HelpIdentify, define and document system security requirements and recommend solutions to supporting engineering teams

• Contribute to the execution of company's information security strategy, planning, anddevelopment.

• Help educate and train staff on information system security best practices.

Minimum Requirements:

• Ability to obtaina USG SecurityClearancebased on needs of product you are supporting

• Bachelor's degree + 4 years of additional, relevant experience; or security industry certification at IAT Level 3.

• Significantexperienceoperating within Cloud Based architecture environments

• Experience with Regulated Security Frameworks: NIST 800-171, NIST800-53, ISO27001, SOC2, CMMC

• Create/Design Infrastructure as Code architecturesutilizing security best practices (CIS, NIST, or similar)

• Experience assessing technology against regulated frameworks

• Strong organizational and communication skills for cross collaboration

• Excellent verbal and written communication skills across a geographically diverse team.

Preferred Skills:

• Understanding of how remote worker hardware and software needs differ from customer site needs.

• Experience working with the following Experience with container orchestration using Kubernetes, or similartechnologies or teams working with:

• Linux operating systems

• AWS Services such as: VPC, EC2, EBS, RDS

• Experience building, integrating, and managing day to day cloud agnostic tools such as: secrets manager, security testing, terraform

• Experience with integrating products from another Enterprise area

• Experience and support ATO efforts through producing artifacts, deconstructing infrastructure environments, improving infrastructure environments for the systems to be accreditable.

• Experience with Continuous Monitoring of applications