Jobs

R0011197 Product Cybersecurity Analyst (Open)

Posted on: April 1, 2021 Apply Now
Full Time Expires May 5, 2021

Job Description

Oshkosh Corporation is seeking a Product Cyber Security Analyst to join our product development team. The Product Cyber Security Analyst works with customers, project managers and the product engineering team to support secure embedded software development for automotive, and connected products. They will have a key role in supporting the risk management framework (RMF) for ongoing software projects and will monitor released products for vulnerabilities.

Essential Duties and Responsibilities:

  • Assist the product engineering team in writing cyber security requirements, test plans and testing
  • Apply risk management frameworks (RMF) to product development
  • Peer review security critical areas of software and device configuration
  • Document cybersecurity compliance
  • Complete STIGs for embedded products
  • Monitor software applications and libraries for security vulnerabilities
  • Write and maintain secure software development processes, procedures, and other associated documentation
  • Translate cybersecurity standards into practical processes, procedures and internal standards
  • Mentor software engineers in writing secure software

Basic Qualifications:

  • 5 to 10 years of experience relevant to this position
  • Bachelor’s degree in a cyber security, computer, software or engineering discipline
  • Have a DoD Approved 8570 Baseline Certification for an IAM Level I role, or higher
  • Position requires the ability to obtain a security clearance
  • Experience applying STIGs and hardening Windows and Linux systems
  • Server / workstation administration skills in both Windows and Linux
  • Experience in running and managing vulnerability assessment tools
  • Familiarity of relevant security standards such as: SAE J3061, NIST 800 series, FIPS 140

Preferred Qualifications:

  • Master’s degree in a cyber security, computer, software or engineering discipline
  • Experience writing software in C/C++, Python, HTML/CSS, JavaScript
  • Experience writing software for embedded controllers and IoT
  • Familiarity applying STIGs to embedded systems
  • Experience integrating symmetric and/or public key encryption into software applications
  • Experience writing requirements for secure software systems
  • Firewall and webserver administration experience, such as: Nginx, IIS, Tomcat and Apache
  • Experience performing penetration tests on embedded and/or IoT systems
  • Experience using and managing static analysis and software composition analysis tools
  • Experience applying STIGs and hardening embedded systems
Apply Now