Cybersecurity Engineer

S2 Global, an OSI Systems Company is seeking a Cybersecurity Engineer to work in its Torrance, CA location.

S2 Global is the leading provider of security screening solutions and has extensive experience in program assessment, technology deployment, operation management, image analysis and maintenance services at major events, ports, land borders and air cargo facilities. Focused on Operations, Integration and Training, S2 Global's solutions ensure that customers have the advanced technologies and sophisticated techniques to significantly increase their screening capabilities.

S2 Global is seeking a hands-on senior cybersecurity engineer for support of their border protection and transportation security products. The successful candidate must have experience in analyzing, defining, and documenting cyber security requirements for commercial products based on a standards-based approach. They must have excellent communication skills and can be trusted to develop or lead efforts to develop design documentation. They must be trusted to reliably complete a wide range of assignments with very little supervision, and to proactively communicate on the progress of work (or issues encountered). They must have good attention to detail, and the ability to organize and coordinate the completion of multiple concurrent actions.

• Assess and define the cybersecurity design requirements for the S2 Global Certscan integration platform and associated hardware/software. Perform this work from within a standardized security framework.
• Help with the constant process of educating product design staff and organization. stakeholders on cybersecurity and how it affects the product design and support efforts.
• Define innovative solutions to secure and support networked products that are used in highly diverse settings over long install periods.
• Analyze, report on, and assist in management of security-related risks, including reporting on outcomes and proposing further security improvements.
• Participate in and assist with development or product test protocols. These protocols should allow for efficient assessment of product vulnerabilities and include work with engineering and provide recommendations of remediation alternatives.
• Work with product engineering teams to help them understand cybersecurity test results and identify remediation techniques that could be employed to address the findings.
• Lead efforts to assess the vulnerability of products to new and emergent threats. Efforts must identify root cause and identify remediation strategies as needed. Work to develop communications from those assessments that will inform internal engineering, service and external customers.
• Proactively support use of standardized processes. Prepare and document standard operating procedures and protocols to help ensure the security of our products as they are designed, developed, supported, and used.
• Uphold the company's core values of Integrity, Innovation, Accountability, and Teamwork.
• Demonstrate behavior consistent with the company's Code of Ethics and Conduct.
• It is the responsibility of every employee to report to their manager or a member of senior management any quality problems or defects in order for corrective action to be implemented and to avoid recurrence of the problem.
• Duties may be modified or assigned at any time to meet the needs of the business.

• BS in Cybersecurity, IT, Computer Science, Engineering or related field.
• 5+ years of work experience in information technology with a focus in security.
• Experience in supporting product design efforts and leading cybersecurity design efforts that are based on holistic industry security standards.
• Demonstrated experience leading efforts to define and capture the architectural and technical product design specifications at the network, as well as application, and database/data store level of the product and the business eco system it operates within.
• Must have familiarity with security standards and frameworks including NIST 800-53, NIST CSF, NIST 800-171, IEC 80001, and/or ISO 27001, and/or US government ATO processes such as RMF.
• Experience working in the design of highly regulated industries is highly desirable.
• Experience performing vulnerability testing of systems and software.
• Experience performing Threat, Exploit, and Vulnerability analysis of products and systems.
• Knowledge and experience with industrial systems and Internet of Things (IoT) is desirable.
• Detailed technical knowledge of operating system and network security in physical, virtual and cloud-based (AWS) implementations is required.
• Experience with embedded Windows/Linux, mobile, and RTOS operating systems.
• Hands-on experience in security systems, including endpoint security, vulnerability management, network security technologies such as firewalls and IDS/IPS, wireless network security, authentication systems, log management, and encryption.
• Experience with application and database security design is required.
• Experience with governance and risk management for vulnerabilities identified during cybersecurity testing operations is expected.
• Proven ability to lead a project from start to finish from the technical side
• Experience writing engineering design specifications.
• Capability to clearly communicate information security concepts and risks
• Good verbal and written communication skills in English.
• Demonstrated ability to work as part of a team.
• Able to reliably complete assignments with limited supervision, and to help lead the actions of others to accomplish complex or extended work assignments.
• Experience performing Project Management responsibilities to plan and track execution of assigned workload.
• Cybersecurity certifications such as CISSP, Security+, CCNA Security, or GIAC are desirable
• Experience working in a global environment across multiple time zones.
• Experience with Risk Management Framework (RMF) and DISA STIGS desired.
• DoD Secret Clearance desired.

• DoD contractor experience desirable.

• Domestic and international travel required; must be able to acquire all necessary travel documents. 50% travel.
• Required to complete US federal background check, drug screen, and meet requirements for access to US government facilities and/or government IT networks; terms of federal contracts require US citizenship.

Please review our benefits here: Life at OSI
The specific programs and options available to any given employee may vary depending on eligibility factors such as geographic location and date of hire. Please note that the salary information shown above is a general guideline only. Salaries are based upon candidate experience and qualifications, as well as market and business considerations.

NOTICE TO THIRD PARTY AGENCIES

OSI Systems, Inc. and its subsidiaries (collectively "OSI") does not accept unsolicited resumes from recruiters or employment agencies. If any person or entity, including a recruiter or agency, submits any information, including any resume or information regarding any potential candidate, without a signed agreement in place with OSI, OSI explicitly reserves the right to use such information, and pursue and/or hire such candidates, without any financial obligation to the person, recruiter or agency. Any unsolicited information or resumes, including those submitted directly to hiring managers, are considered and deemed to be the property of OSI.

Equal Opportunity Employer - Disability and Veterans

EEO is the Law

Poster Link: https://www.eeoc.gov/sites/default/files/migrated_files/employers/eeoc_self_print_poster.pdf

OSI Systems, Inc. has three operating divisions: (a) Security, providing security and inspection systems, turnkey security screening solutions and related services; (b) Healthcare, providing patient monitoring, diagnostic cardiology and anesthesia systems; and (c) Optoelectronics and Manufacturing, providing specialized electronic components and electronic manufacturing services for original equipment manufacturers with applications in the defense, aerospace, medical and industrial markets, among others.