Software Security Architect -Satellite Ground Systems at MDA (Richmond, BC, Canada)
Desired Skills and Experience
- Overseeing the development of secure software products to be used in an extant satellite ground system,
- Developing a software security architecture that is realized by the software development teams,
- Working closely with other software architects to ensure that solutions align to both functional and security requirements,
- Ensuring that the security architecture addresses secure communications, access control, authentication, audit, as well as other applicable security controls,
- Developing an overall software development strategy, including identification and application of industry and government best practices,
- Identifying the technologies and implementation approaches to be implemented
- Applying secure software development approaches within the full software engineering lifecycle,
- Supporting the Ground Station design team in ensuring that security objectives are met within the context of the overall design solution,
- Ensuring that all required documentation is developed to properly define, develop and support the security solution, and
- Presenting our security solution to customers.
- University degree or technical diploma from an accredited institution in Computer Science, Engineering (Electrical, Computer), or a combination of related education and experience,
- 10+ years of experience developing and deploying software in an enterprise-level service-oriented environment,
- 5+ years’ experience in developing secure software applications that align to industry best practices such as OWASP or CERT,
- Expert knowledge and implementation of secure application architectures, encryption technologies, cryptography and key management, and authentication and control of application permissions
- Knowledge of the common application layer vulnerabilities and the ability to explain these risks to developers
- Knowledge of tiered application architectures, web applications, APIs, mobile applications, desktop applications, and the underlying technology of cloud infrastructure
- Experience securing platform web APIs
- Experience with one or more general purpose programming languages including but not limited to: Java, C/C++, C#, Perl, Python, JavaScript.
- Experience working in DevOps, continuous integration and Agile, including design of security solutions, including creating artifacts, models, and strategy presentations
- Experience in the following is mandatory:
Working with security standards/guidelines e.g. OWASP, ITSG-33/NIST 800-53, etc. Implementing authentication and encryption standards, Deploying SSO solutions, Security software development practices, Developing secure web applications, Source code scanning tools, Developing/deploying network security solutions Developing/deploying distributed security solutions
- Working with security standards/guidelines e.g. OWASP, ITSG-33/NIST 800-53, etc.
- Implementing authentication and encryption standards,
- Deploying SSO solutions,
- Security software development practices,
- Developing secure web applications,
- Source code scanning tools,
- Developing/deploying network security solutions
- Developing/deploying distributed security solutions
- Experience in the following is desired:
Hardening operating systems, Docker security, Remote sensing (SAR or Optical).
- Hardening operating systems,
- Docker security,
- Remote sensing (SAR or Optical).
- Proven leader, comfortable with blazing a new trail,
- Experience with robust, operationally sound production environments
- Excellent verbal and written communication skills
- Experience in developing and deploying security software in operational environments
- Active professional security certifications is desired (e.g., CISSP or other similar industry qualification)