"Alerted.org

Job Descriptions:

Ready for What's Next? At Kratos, we encourage an entrepreneurial spirit balanced with fiscal and operational discipline. We work hard, we solve hard problems, and we look out for and take care of our customers, each other and our families. Protecting and enabling our nation and global customers through innovative aerospace solutions is what motivates us. We continually build trusted relationships with our peers, our partners and customers, and we take ownership for our actions—always doing the right thing.

We are seeking a Product Security Engineer to join a highly motivated team that will play a critical role in shaping the future of new critical satellite ground systems solutions. The candidate will play a critical role on the team to ensure that we meet project security needs in an agile software development environment. Key focus areas will include developing software/scripts to automate system hardening, NIST 800-53 controls, and generating RMF artifacts in support of satellite telemetry and commanding, archive trending and analysis, schedule execution via mission planning interfaces, task automation, simulation, and other core infrastructure and mission unique capabilities of the ground system. The candidate will work closely with project development, system engineering, test, deployment, and on-site user support personnel.

Responsibilities include but are not limited to:

Work with the Cybersecurity Technologies, Solutions Architect, and Solutions Delivery teams to ensure security requirements are efficiently incorporated in all aspects of system development, integration and delivery. Develop security tools that automate system hardening, NIST 800-53, ZTA control implementation and generating RMF documentation. Communicate, train, mentor security within the project and development teams: security architecture (ZTA), secure coding practices, general cyber security best practices. Articulate technical concepts orally and in written forms to the customer, users, and the development teams. Support verification and troubleshooting of the security solutions integrated by the development and solutions delivery staff.

Required Experience:

+ Expert level knowledge of Linux/embedded operating system DISA STIG hardening

+ Expert level experience developing/coding using Bash, Python, automating security solutions such as:

+ OS hardening and patching in air-gapped environments

+ Automation of security controls (DISA STIGs / NIST 800-53) for Linux Operating Systems and applications such as: Kubernetes (RKE2/OpeEnShift)

+ Generating and manipulating NIST 800-53 / RMF documentation

+ Zero Trust Architecture and Zero Trust Network Overlays

+ Perform automated vulnerability assessments and compliance scans of operating systems and applications

+ Remediate findings, provide mitigations, or technical justification to accept residual risk.

+ Automate Risk Management Framework (RMF) documentation and analysis tools.

+ Defensive Cyber Operations Tools: ie: SIEM (Logrythm/Splunk), Nessus, Trellix, etc

+ Certified Information System Security Professional (CISSP)

Preferred Skills and Experience

+ DEVOPS/DEVSECOPS

+ Infrastructure Build and Configuration Automation using tools such as Ansible.

+ General knowledge with Docker, Kubernetes, and Rancher

+ General cloud knowledge in AWS, Azure

+ Knowledge with security tools in automated pipelines such as SonarQube, Hashicorp Vault, FOSSA, etc

+ Understanding of VLANs, firewalls (iptables), switching (trunk/access), tunneling and air-gapping

+ Certified Ethical Hacker (CEH)

#LI-Onsite

The grade-based pay range for this job is listed below. Individual salaries within that range are determined through a wide variety of factors including but not limited to education, experience, knowledge, and skills.

Competitive salary based on experience and education Salary Range: $125,000-$150,000

Kratos is valued for our ability to design and deliver leading edge, resilient solutions for aerospace communication, control, awareness and mission success across a continuum of offerings—from commercial to tailored custom solutions and integrated programs. Customers trust us to stay relevant and know we are in it for the long-haul. We bring both the capability and confidence that our customers value and depend on. And, we always deliver.

This posting will close within 90 days from the Posting Date.

Keyword: Product Security Engineer, STIG, system hardening, python, bash, CISSP, CEH, (ZTA), Risk Management Framework (RMF), linux, RHEL, SLES

Kratos Defense is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, pregnancy, genetic information, disability, status as a protected veteran, or any other protected category under applicable federal, state, and local laws.

Disability Accessibility Accommodation

If you require an accommodation to navigate or apply to our careers site, please send your request to [email protected] or call 858-964-2916. Any inquires not related to requesting an accommodation will be discarded.

Pay Transparency

The company will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant.

Job Applicant Privacy Notice

For applicants in the EU and California residents, please review our privacy notice.

From: Kratos Defense