Senior Satellite Communications Security Engineer ( R-00069748 )
Leidos is a global science and technology solutions leader working to solve the world’s toughest challenges in the defense, intelligence, homeland security, civil, and health markets. Leidos is seeking a Senior Satellite Communications Security Engineer to lead the engineering, design and implementation of the next generation of cryptographic product security, transport, and accountability for key and data for high and medium assurance applications.
The selected candidate will provide senior engineering expertise to understand, document and design satellite communication security patterns and capabilities. These satellite network systems have exacting interface, performance and security requirements that must be analyzed and decomposed. This position will require someone who is meticulous and creative in problem solving. More specifically in designing security focused solutions that address potential system vulnerabilities and associated mitigations.
You will participate in the definition of system security requirements for a wide range of satellite architectures including but not limited to low-earth orbit (LEO) constellations that integrate small /cube/nano spacecraft. This requires an understanding of the unique constraints and interfaces to satellite spacecraft, approaches to integrating payload protection techniques, and approaches to protecting Telemetry, Tracking and Control (TT&C) using cryptography and key management solutions. Lead or participate in the secure design of new products and features, vulnerability analysis of applications and devices, work with developers to communicate cryptographic security architectures In addition, this role will focus on high impact, creative solutions to complex technical problems, and work as part of a large team. This position will allow the successful candidate to develop and execute a set of integrated plans and technical artifacts that will enable the program to meet technical performance parameters and achieve mission success.
He/she will become part of a team of Security Engineers working on solving challenging issues on a nationally significant defense program. The selected individual will collaborate with other engineers and technical experts in providing improvements to our operational, test, integration, and development systems.
Position responsibilities will include:
- Lead system engineering, hardware, and software analysis to support the Navy’s Key Management project portfolio, including satellite communication security.
- Define and apply systems engineering processes to develop systems and solutions that meet customer requirements.
- Manage requirements, including decomposition, allocation, verification, and validation for subsequent use by the development and test teams.
- Define and develop System Architecture, CONOPS, and use cases using systems engineering methodologies.
- Participate and lead discussions at customer meetings, working groups, and technical interchange meetings associated with the work performed in this project.
- Research, design, write, and review a wide range of technical documentation that will include but not be limited to: technical manuals, design specification documents, interface requirements specification, system user guides, reference manuals, installation guides, and data sheets that may be required to assist with the design, integration, testing, and fielding of the system; will provide project briefing materials upon request.
- Option to work a 9/80 work schedule (i.e., 9 hour days, then work 8 hours on first Friday and off the second Friday)
- Relocation assistance available to move to San Diego, CA.
- Bachelor’s of Science Degree in Engineering, Computer Science, or related field and 9+ years of experience or Masters with 6+ years of prior relevant experience.
- Position requires US citizenship and an active Secret DoD security clearance.
- Demonstrated experience in requirements decomposition.
- Experience that demonstrates ability to analyze risks and uncertainties and ability to navigate projects through established processes.
- Understanding complex system development methods.
- Knowledge working with software development methodologies such as TDD, Peer programming, debugging
- Knowledge of software design patterns.
- Knowledge of Agile Development methodologies.
- Excellent verbal and written communication skills.
- DoD 8570 approved security certification (i.e., Security +) (Will be required 90 days after hire).
- BS degree and 12 – 15 years of prior relevant experience or Masters with 10 – 13 years of prior relevant experience.
- An understanding of the unique threats to satellite systems and the role that cryptography plays in mitigating those threats
- An understanding of satellite communication architectures and security approaches applicable to these architectures
- An understanding of the constraints to encryption and key management introduced by the space domain, including performance, latency, etc.
- An understanding of satellite payload waveforms and associated mission cryptography
- An understanding of cryptographic key management approaches to securing communication confidentiality and integrity on satellite and within ground stations
- An understanding of cryptographic security for satellite TT&C
- An understanding of transec keystream generation approaches for secure satellite communication
- Knowledge of new approaches to satellite communication, including mesh networks, optical Intersatellite link encryption, and the use of cloud processing of satellite downlinks
- An understanding of the cryptographic products currently in use within various satellite constellations
- An understanding of how HAIPE is used within satellite constellations
Working knowledge and experience with computing and related technologies preferred including:
- Scripting support such as Python, bourne/c shell/k shell/ bash
- Structured Query Language (SQL)
- Collaboration tools like MatterMost, Teams
- AI related frameworks such as pytorch, tensor flow
- Database design, configuration, replication, backup, archive, and restore
- Continuous integration environments (e.g., Jenkins, GitLab-CI).
- Familiar with software languages such as C/C++, C#, Java
- Understanding of Cryptographic Key Management based on EKMS and KMI.
- COMSEC Operations and Accountability
- Transfer, receipt, accounting, inventory, reconciliation, and reporting
- Warehouse operations, receiving, distribution, reporting, and automation
- Familiarity with Agile processes including
- Agile / Scrum
- Tools and environment such as jira, VersionOne
- Agile use, automation, configuration, tracking, and optimization
- Detailed knowledge of Networking and Interface technologies including
- Web services including RESTful and SOAP
- Documentation with IETF/RFCs
- OpenAPI standards
- ASN.1 constructs, usage, compilers, and implementations
- Understanding of Security requirements and implementation including
- Authentication, integrity, and confidentiality services and implementation
- Public Key Infrastructure with trust chains, certificates, revocation checking, cert validation
- Cryptographic mechanisms such as SHA, HMAC, Elliptic Curve, and quantum resistance approaches
- Cryptographic Message Syntax (CMS)
- Security monitoring including gathering, reporting, and response using SIEM
- Security frameworks adhering to STIGs, RMF