Software Security Lead - Principal Software Engineer - S3E

Location: 1151 E Hermans Rd, Tucson, AZ, Building 801 (External Site)

Date Posted:

Country: United States of America

Position Role Type: Onsite

Security Clearance: U.S. active and transferable DoD Secret clearance required (interim clearance to be obtained prior to start).

The Software Security Sensors and Effectors Department within the Software Product Assurance (SPA) Center is looking for a highly motivated individual to fill a Software Security Lead (SSL) position in Tucson, AZ. The SSL will work with Systems and Software Architects, and program stakeholders to ensure that software security is embedded in the program's processes and customer deliverables.

• Act as the Technical Lead and possibly the Agile Product Owner for the Software Security Team.
• Primary owner of the software security implementation to ensure compliance with System Security requirements.
• Adopt and implement secure coding standards for each programming language used.
• Drive off-nominal testing by ensuring the software remains in a secure state during failure conditions and developing negative test cases for bypassing security.
• Consider using compiler, interpreter and build tool features that improve executable security and ensure the compiler does not optimize out any security-critical behaviors.

• Bachelor's degree in Science, Technology, Engineering or Mathematics (STEM) and 8 years of related experience.
• Experience in object-oriented software design and embedded development using languages such as C or C++.
• Experience with Xilinx Ultra Scale+ MPSoC, Versal, or similar Embedded Processors.
• Experience with embedded OS like VxWorks, Embedded Linux, or similar.
• Embedded Software Security and Cryptographic Algorithm experience.
• Experience with Secure Boot concepts.
• Understanding of secure coding principles, architecture and implementation of secure coding best practices.
• Active U.S. citizenship and the ability to obtain and maintain a U.S. security clearance.

• Experience with validation and verification of software applications.
• Experience/Knowledge of any of the following:
  • Linux/Unix environment
  • Interfacing with FPGAs
  • Interfacing with low-level memory drivers
  • Inter-processor communication
  • ARM Architecture
  • Experience designing, implementing, testing, or fielding real-time security-oriented solutions on Department of Defense (DoD) programs.
  • Experience using security-relevant tools and devices for security auditing, network security, host/server security, communication security, or policy management.
  • Experience in Agile and Dev Sec Ops  environments.
  • Experience in an Agile/Scrum/Kanban framework and development environments.
  • Experience using software configuration management and bug tracking tools.
  • Experience with Python / Perl.
  • Knowledge of modern computer architecture and hardware technologies including PCIe, GPIO, I2C, SATA.
  • Field Programmable Gate Arrays (FPGAs)
  • Application-Specific Integrated Circuits (ASICs).

• Medical, dental, vision, life insurance, short-term and long-term disability.
• 401(k) match, flexible spending accounts, flexible work schedules.
• Employee assistance program, Employee Scholar Program, parental leave, paid time off, holidays.
• Annual short-term and/or long-term incentive compensation programs (subject to position level and collective bargaining agreement).

RTX is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or veteran status, or any other applicable state or federal protected class. RTX provides affirmative action in employment for qualified Individuals with a Disability and Protected Veterans in compliance with the Rehabilitation Act and the Vietnam Era Veterans' Readjustment Assistance Act.