Principal Software Engineer (Security)

Company Summary
At Safran Passenger Innovations, we make flying fun by focusing on maximizing the Passenger Experience. As an innovative In-Flight Entertainment and Connectivity (IFEC) company we design, engineer, manufacture, sell and support world-class In-Flight Entertainment and Connectivity solutions. Our products are constantly evolving, solving complex media distribution, playback, and networking problems in a secure, demanding on-wing environment. Safran IFEC products are utilized by many of the world’s premier air carriers. Step aboard and help us by creating the best in-flight experiences for today and beyond!

Job Summary

As a Principal Security Software Engineer on the Software Development team, you will engage with an experienced cross-disciplinary staff to design and implement innovative In-Flight Entertainment (IFE) products applying state of the art security principles (wired and wireless) concepts and technologies to modernize all security aspects of our platform, including on-wing and off-wing Compute, Connectivity, Networking and Storage. Working closely with inter-disciplinary teams you will participate in architecture, design, development, test, and integration of software features for the RAVE IFEC systems and products using a hybrid development methodology in a regulated environment. You must be a self-starter, responsive, flexible, and able to succeed within an open, collaborative peer environment.

Duties and Responsibilities:

• Contribute to the design, creation, development and improvement of security features, packaging, tools, testing, test automation, continuous integration, delivery, documentation and building of complex distributed systems in a low power, low latency, heat conscious environment
• Problem solving - troubleshoot, triage, debug, and resolve security issues
• Demonstrate passion for continuous improvement and take personal ownership of quality
• Provide guidance, mentoring, training, and support across product development and the broader IFE business with respect to security best practices
• Provide realistic estimates, foster a culture of transparency, and meet agreed upon commitments
• Facilitate communication internally, with stakeholders, users, and/or customers on specifications, architecture, design, implementation, and approvals
• Actively participate, engage, and contribute during meetings
• Leverage other internal organizations to facilitate product success
• Prepare and present technical information for large and diverse audiences
• Assess third-party and open-source software and in some cases implement the same
• Adhere to, contribute to, and help improve both organizational processes and the software development lifecycle (SDLC)

Requirements

• Bachelor’s Degree in Computer Science, or equivalent experience in a related field (Cybersecurity training or experience is advantageous)
• 3-6 years of experience in a Senior (or above) level role within Security software engineering
• 15+ years of overall software development experience
• 5+ years of proven experience on containers technologies, microservices and DevOps practices
• Expert on monolithic to secure by design microservices with an eye towards practical migrations and attack surface analysis
• Expert in service-to-service (API) communication security and monitoring
• Security – holistic - Experience with security engineering concepts and practices including system and network security, authentication, protocols, cryptography, DB, and application security in regulated environments
• Enterprise level expertise in securing development and delivery of complex distributed compute environments
• Mastery of basic security concepts such as authentication, authorization (IAM), DevSecOps, Infrastructure as Code and Microservices/Containers
• Deep network understanding including protocols, debugging, layers, security, intrusion detection, log analysis, and network scanning
• Understand the OSI model and relationship between layers
• Hybrid networking concepts (Cloud/On-Prem/On-Wing)
• Secure design of API’s, queuing/messaging
• Securing Kubernetes
• Design experience with implementing Digital Rights Management (DRM) tools and key/secrets management
• Experience with decentralized access control in complex distributed environments
• UNIX/Linux or embedded operating systems using C/C++
• Experience troubleshooting & root cause analysis of software and hardware security issues
• Experience with formal Engineering Requirements documentation and processes

Experiences with any of the following languages, technologies and/or techniques would be advantageous:

o   Low level kernel/driver knowledge of Linux 4.x and 5.x

o   MQTT, IPC, RPC, sockets and/or audio/video players.

o   Highly available, fault-tolerant, distributed, or clustered systems development

o   ARINC 429 (data transfer) and RS-485/422.

o   Understanding of bus design: I2C, PCIe, SPI, MDIO, CAN, etc.

o   Experience with various security/cryptography concepts such as PKI, SSL and TLS with respect to embedded devices

o   Windows using C/C++/C#, .Net, web programming, JavaScript, ASP, SQL, Node, Go and functional compute like AWS Lambda

o   Mobile application communications development and loosely coupled designs

o   Understanding of containers and virtual machines using Docker Swarm, Kubernetes, or other control planes and compute primitives

o   Experience refactoring/rearchitecting monolithic solutions into distributed microservices, containerized or serverless with heavy API design and implementation strategies

Benefits

In addition to a comprehensive package of health benefits that include company contributions, Safran Passenger Innovations offers a variety of additional benefits and perks to enhance your work-life balance experience including but not limited to:

- A home allowance to elevate your home workspace

- Discretionary bonus program

- Future financial security with a 401(k) program with company match

- Paid time off covering vacations, personal time off and sick days, capped off by an exciting year-end holiday shutdown

- Embraced flexibility with our alternative work schedule (9/80) to navigate your workweeks with every other Friday off