Election Systems & Software

  • Configuration Management & Product Security Engineer

    Job Location US-NE-Omaha
    Posted Date 14 hours ago(6/20/2018 9:46 AM)
    Job ID
    2018-1264
    # of Openings
    1
    Category
    Product Security and Development
  • Job Description

    The Engineer, Security & Configuration Management is responsible for analyzing the product suite for security vulnerabilities and for performing the managed builds of the software and firmware products.  Work in product suite security analysis includes training our Quality Assurance and Development departments on how to test for security, configuration analysis for the suite, and “ethical hacking” to help us determine where product suite security enhancements are necessary.  Managed builds of the product software and firmware includes applying department standard practices in the proper controlled build environments. This position requires proficiency in various operating systems, scripting methods, security, hacking/anti-hacking, virtual machine management, encryption, OS and device-level authentication, etc.

     

    Essential Duties and Responsibilities:

     

    Qualifications:

     

    1.    Write, modify, and test Windows and Unix-like build procedures and scripts as necessary to complete the build process.

    2.    Participate in Trusted and/or Witness build activities.

    3.    Assist with the management of the code base and install products produced during the build process.

    4.    Assist with the installation of the build products and related COTS hardware and software on ES&S products involving both Windows and UNIX-like environments.

    5.    Work independently, with direction from the various groups in the development department.

    6.    Assist with the capture of documentation changes related to the installation and configuration of the build products when installing them on the Quality Assurance and Certification environments.

    7.    Work with Development Engineers, Quality Assurance Testers, and Certification to troubleshoot issues related to the installation of the build products.  This includes any related COTS hardware and software installation issues.

    8.    Perform all functions related to supporting the Configuration Management Build Environment i.e. installation, maintenance, backup, recovery, etc.

    9.    Monitor server and application logs related to the management of the build environment.

    10.   Research VVSG and industry best practices for the specific OS configurations, network configurations, and product suite designs to include high security settings.

    11.   Design of network configuration and security or the product suite.

    12.   Training others to design for security and to test for security.

    13.   Evaluate company products for security holes and determine the changes that are needed to strengthen their security.

    14.   Security documentation that conforms to the VVSG requirements and company standards.

     

    Education:         

    Must have a bachelor’s degree in computer engineering or management information systems or equivalent experience.

     

    Experience:       

    At least 2 -3 years’ experience including:

    Proficiency in network and operating system management and updates including Linux, Windows (workstation products and Windows Server) is required.

    Experience with virtual machine configuration and management is preferred.

    Proficient with the use of Configuration Management or compatible process management and support tools

    Experience using defect tracking tools, source code control systems, and configuration management systems.

    Must have hands-on software development experience to understand and work with build and installation procedures and other documentation. 

    Experience with scripting languages and commands used by both Windows and UNIX-like operating systems.

    Knowledge of software Make and Build techniques, Continuous Integration techniques and practices.

    Knowledge of Hash tools and comparison techniques required for build product verification.

    Knowledge of encryption/decryption, device-level authentication, malware detection / management / prevention, and hacker exploits is desired.

    An ability to analyze complex problems and to design, implement, and test appropriate solutions to those problems is required.  Present technical information for consumption by ES&S managers and associates, including non-technical associates is required.

    The ability to work in a team-oriented environment is required; working as a team member, not alienating the other team members.

     

    Competencies:

    Proficiency in Various operating systems, scripting methods, security, hacking/anti hacking, virtual machine management, encryption, OS and device-level authentications, etc. 

    Research skills and technical comprehension skills are required; able to read and comprehend technical security documents; able to locate pertinent technical documentation using various industry tools, including the internet; able to understand legal and certification documents and transform their content into system technical requirements for the department.

    An ability to analyze complex problems and to design, implement, and test appropriate solutions to those problems is required.  Present technical information for consumption by ES&S managers and associates, including non-technical associates is required.

    The ability to work in a team-oriented environment is required; working as a team member, not alienating the other team members.

     

    Licenses/Certifications Required:  None

     

    Supervisory Responsibilities:  None

     

    Work Environment:  This job operates in a professional office environment which routinely uses standard office equipment such as computers, telephones, and photocopiers.

     

    Physical Demands:  The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job.  While performing the duties of this job, the employee is regularly required to talk or hear.  The employee frequently is required to stand; walk; hands to finger, handle or feel; and reach with hands and arms.  Specific vision abilities required by this job include close vision, distance vision, color vision, peripheral vision, depth perception and ability to adjust focus.

     

    Travel:  Approximately < 20% travel is expected.

     

    Security:  Required to consistently demonstrate adherence to all security requirements and accepted practices as contained in the current ES&S Security Policy.  Incumbents must proactively read, comprehend and adhere to all ES&S security policies, practices and procedures regarding the safety and safekeeping of co-workers, products, services and other intellectual property as defined in the ES&S New Business and Non-disclosure, or Proprietary matters, Confidential matters and Non-Competition agreements, and the current ES&S Security Policy Manual.

     

    EEO Statement:  To provide equal employment and advancement opportunities to all individuals, employment decisions at ES&S will be based on merit, qualifications, and abilities.  ES&S does not discriminate in employment opportunities or practices based on race, creed, color, religion, sex, sexual orientation, national origin, citizenship status, marital status, age, disability, genetic information, or because of past, current, or future military obligations or any other characteristics protected by law.

    This policy governs all aspects of employment, including selection, job assignment, compensation, discipline, termination, and access to benefits and training.

    Options

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed