Date Posted:

Country:

Location:

Position Role Type:

U.S. Citizen, U.S. Person, or Immigration Status Requirements:

Security Clearance Type:

Security Clearance Status:

The Embedded Product Cybersecurity team is seeking a Cybersecurity Engineer II – Embedded Product to support the secure development of safety‑ and mission‑critical embedded systems. Our work focuses on the protection of resource‑constrained, real‑time, and connectivity‑enabled products throughout their operational lifecycle. As part of our shared services organization, we partner with programs across the company wherever customer security requirements apply or where system architecture, interfaces, and deployment environments introduce cyber‑physical risk. 

Our team develops specialized tools, analysis methods, and test techniques to uncover residual design or implementation defects that could become exploitable vulnerabilities affecting the confidentiality, integrity, or availability of embedded systems. We work directly with architecture, design, and implementation teams as cybersecurity subject matter experts, guiding secure design decisions, threat modeling, and verification activities throughout the Secure System Development Life Cycle (SSDLC). 

This role will be worked onsite in Cedar Rapids, IA and will require an active or ability to obtain a Secret clearance. Relocation assistance is available. 

What You Will Do:

• Address Common Vulnerabilities and Exposures (CVEs)

• Author, review Risk Management Framework (RMF) cybersecurity artifacts

• Follow and guide teams to the adherence of military RMF security processes 

• Conduct Security Technical Implementation Guide (STIG) investigations

• Support organizational adoption of the Avionics SSDLC 

• Develop and execute fuzzing and penetration tests to evaluate the robustness of the attack surface 

• Analyze system data flows to identify attack vectors and assess risks to new and existing products 

• Develop threat model / data flow diagrams to ensure data can be properly isolated in motion and at rest 

• Ensure proper implementation of security measures during product development 

• Develop, deploy and automate security tools for identifying product security flaws 

• Help characterize security vulnerabilities for product impact and recommend mitigations  

• Review code to identify weaknesses in the implementation of security functions 

• Conduct vulnerability assessments of proposed and in-service systems 

Qualifications You Must Have:

• Typically requires a degree in Science, Technology, Engineering or Mathematics (STEM) and minimum 2 years of prior relevant experience or an Advanced Degree in a related field

• U.S. Citizenship is required; the ability to obtain and maintain a U.S. government issued security clearance is required.

• Embedded software engineering knowledge (Python and Java/C/C++) 

• Networking knowledge (OSI Layers, Arnic 429 protocols, WiFi, etc.) 

• Product security or secure system design; threat modeling or fuzzing/pen testing  

Qualifications We Prefer:

• Risk Management Framework 

• Knowledge of Threat Models and Data Flow Diagrams 

• Data/network security implementations with operating systems 

• Understanding tailoring and hardening of operating systems 

• Familiarity with system and application penetration testing 

• Experience with SAST and analyzing security impact of code defects  

• Executing System & Application Fuzzing / Resiliency Tests 

• Knowledge of Public Key Infrastructure (PKI) 

• Industry recognized security certifications (Sec+, OSCP, CISSP, etc.)

What We Offer:

• Medical, dental, and vision insurance 

• Three weeks of vacation for newly hired employees 

• Generous 401(k) plan that includes employer matching funds and separate employer retirement contribution, including a Lifetime Income Strategy option 

• Tuition reimbursement program

• Student Loan Repayment Program 

• Life insurance and disability coverage 

• Optional coverages you can buy pet insurance, home and auto insurance, additional life and accident insurance, critical illness insurance, group legal, ID theft protection

• Birth, adoption, parental leave benefits

• Ovia Health, fertility, and family planning 

• Adoption Assistance          

• Autism Benefit 

• Employee Assistance Plan, including up to 10 free counseling sessions 

• Healthy You Incentives, wellness rewards program

• Doctor on Demand, virtual doctor visits 

• Bright Horizons, child and elder care services

• Teladoc Medical Experts, second opinion program 

• And more! 

Learn More & Apply Now!

* Please consider the following role type definitions as you apply for this role.

Onsite: Employees who are working in Onsite roles will work primarily onsite. This includes all production and maintenance employees, as they are essential to the development of our products.