Aireon is on the path to revolutionizing air traffic surveillance and aircraft tracking, as the world’s first and only company deploying a 100 percent global space-based system. This system will provide real-time aircraft monitoring spanning never before covered areas of the planet, including remote, oceanic and polar regions. Aireon’s receivers are hosted on the Iridium NEXT satellite constellation, which began launching in January 2017. The Iridium NEXT constellation consists of 66 operational satellites in a low-earth orbit and utilizes a unique cross-linked satellite architecture creating a web of coverage around the world. The Aireon system has the ability to enable a safer, more efficient and environmentally friendly aviation industry resulting in significant CO2 emission reductions. Numerous Air Navigation Service Providers have already signed on to receive Aireon’s space-based ADS-B data, including NAV CANADA, Naviair, Enav, the Irish Aviation Authority, UK NATs and more.
The Security Engineer is an integral part of Aireon’s network and system security program, and is principally responsible for the ongoing design, testing, implementation, maintenance, and analysis of security systems and network indicators that assure the security and integrity of the network and system. This role provides technical support in the development, engineering, design, implementation, and effective application of information security tools, policies, and procedures for the overall program.
The Security Engineer will report directly to Aireon’s Information Security Manager (ISM). Communication and adeptness at working with a variety of personalities and skillsets across multiple organizations, multiple time zones, managing subcontract and vendor relationships, and willingness to contribute broadly in a fast-paced, start-up environment will be a key part of this role.
Engineer, implement and monitor security measures for the protection of computer systems, networks and information.
Identify and define system security requirements.
Design computer security architecture and develop detailed cyber security designs.
Prepare and document standard operating procedures and protocols.
Configure and troubleshoot security infrastructure devices.
Develop technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks.
Ensure the ISM knows as much as possible, as quickly as possible about security incidents.
Write comprehensive reports including assessment-based findings, outcomes and propositions for further system security enhancement.
Ensure the confidentiality, integrity, availability, and reliability of Aireon’s information while being stored, transmitted or processed throughout Aireon’s operational and corporate networks.
Configure and install firewalls and intrusion detection systems.
Perform vulnerability testing, risk analyses and security assessments.
Develop automation scripts to handle and track incidents.
Collaborate with colleagues on authentication, authorization and encryption solutions.
Evaluate new technologies and processes that enhance security capabilities.
Test security solutions using industry standard analysis criteria.
Deliver technical reports and formal papers on test findings.
Respond to information security issues during each stage of a project’s lifecycle.
Define, implement and maintain corporate security policies.
Analyze and advise on new security technologies and program conformance.
Recommend modifications in legal, technical and regulatory areas that affect IT security.
Monitor VPNs, server logs, firewall logs, intrusion detection logs, and network traffic for unusual or suspicious activity. Interpret activity and coordinate with the ISM to develop plans for resolution.
Support Incident Response investigations as required and occasionally after normal business hours.
Maintain and keep current all security systems and their corresponding or associated software, including firewalls, VPNs, intrusion detection systems, cryptographic systems, biometrics, anti-spam, and anti-virus software, and all updates published by their respective vendors or manufacturers.
Assist with enforcement of policies and procedures for system security administration and user system access, based on industry-standard best practices and Aireon’s Information Security Policies.
Recommend and deploy additional security products and tools, or enhancements to existing tools, to detect violations of network security measures.
Conduct research on emerging products, services, protocols, and standards in support of security enhancement and development efforts.
Ensure that the appropriate patches, hot fixes, and service packs are installed on company-owned or licensed software in a timely manner and in accordance with established Aireon processes and procedures.
Control user logon procedures and password management practices.
Develop and propagate security awareness among employees.
Assist in designing and implementing disaster recovery plans for operating systems, databases, network connections and protocols, servers, and software applications.
Availability to respond to after-hours and on-call as backup support.
Lifting and transporting of moderately heavy objects (25 lbs.), such as computers and peripherals.
Performs other Information Technology duties as assigned by the Director of Operations, or the Information Security Manager.
Hands on experience with conducting penetration and vulnerability testing.
Firewall, IDS and IPS configuration management.
Practical knowledge of Secure coding practices, ethical hacking and threat modeling.
Practical experience with Windows, UNIX and Linux operating system environments.
Hands on experience with Virtualization technologies.
Familiarization with Oracle, MySQL/MSSQL and other database platforms.
Identity and access management principles.
Application security and encryption technologies.
Secure network architectures and best practices.
Subnetting, DNS, encryption technologies and standards, VPNs, VLANs, VoIP and other network routing methods.
Network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols, etc.).
Familiarization with Advanced Persistent Threats (APT), phishing, social engineering, network access controllers (NAC), provisioning access controllers (PAC), gateway anti-malware, and enhanced authentication.
Familiarization with the Risk Management Framework, NIST, and FIPS publications.
Familiarization with cloud security concepts.
Familiarization with MS Visio, ConceptDraw, LucidChart, Intermapper or other network diagram topology mappers.
Demonstrated experience and knowledge of telco networking including MPLS, VPNs, Internet protocols, routing protocols, and network security.
Hands-on experience monitoring and evaluating network performance data.
Familiarity with network monitoring and configuration capture tools.
Experience working directly with telco providers and technically managing subcontractors.
Experience with help desk and ticketing systems.
Working understanding of network security, firewall configuration, and operating system network configuration.
Ability to handle multiple simultaneous assignments and manage multiple vendors.
Ability to quickly learn and apply Aireon’s safety culture.
Demonstrated initiative and detail-orientation to ensure accurate capture of incident characteristics and quick resolution of issues for continuing successful operations.
Ability to work as part of a team comprised of internal and external resources located in multiple geo-graphic locations and time-zones.
Ability and motivation to work in a fast-paced, start-up entrepreneurial environment.
Proactive communicator with strong written and verbal skills.
US Citizen or U.S. permanent resident.
4-year computer science or engineering college degree.
Minimum 5-8 years of information security or information technology work experience.
Broad hands-on knowledge of network and information security components, including firewalls, intrusion detection systems, network devices and protocols, anti-virus software, data encryption, and other industry-standard techniques and practices.
One or more of the following professional certifications preferred: CISSP, OSCP, GSEC, CCSP, CompTIA Security+, CCNA Security, or C|EH.
Strong knowledge of IP, TCP/IP, and other network administration protocols, including their vulnerabilities and solutions.
Knowledge of applicable practices and laws relating to data privacy and protection.
Knowledge of vulnerability assessment and penetration testing methodologies and platforms.
Working technical knowledge of current systems software, operating systems, and networking protocols and standards, including Microsoft Windows, VMWare and Cisco IOS.
Hands-on experience with devices such as firewalls, hubs, switches, and routers.
Highly self-motivated and directed. Ability to conduct research into emergent security threat, actors and products as required.
Excellent analytical and problem-solving skills in relation to computers, network systems and software; proven verbal communications skills within all organizational levels required; Strong organizational skills and excellent attention to detail.
Ability to prioritize and execute tasks in a high-pressure environment.
Experience working in a team-oriented, collaborative environment.
Ability to utilize standard office equipment including but not limited to: PC, fax, copier, telephone, etc.
Ability to lift 25 lbs. or more and relocate computer equipment.
Regional and International travel required
Ability to obtain Position of Trust clearance
Satisfactory credit and ability to pass a background check required
Aireon is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, sexual orientation, gender identity or status as a protected veteran. EOE of Minorities/Females/Vets/Disability and other protected categories.