Senior ML Security Engineer developing security tools and frameworks for ML workflows. Ensuring proactive vulnerability detection and compliance with ML security standards at NXP.
About the role
- Information System Security Manager providing cybersecurity and RMF support for DoD systems and applications. Collaborating with military, government, and contractor personnel to ensure national security and systems compliance.
Responsibilities
- Provide cybersecurity and Risk Management Framework (RMF) support to systems and applications for the Test Resource Management Center (TRMC).
- Work with military, government, and contractor personnel to provide technical and policy direction grounded in Department of Defense (DoD) policy, and act as the Subject Matter Expert (SME) with the cybersecurity domain and lead ISSOs.
- Review Cybersecurity tool reports, ACAS, HBSS, for the purposes of reporting and compliance.
- Provide recommendations to the SISO, PM, and AO regarding remediation and mitigation of identified vulnerabilities on test reports and plan of action and milestones (POA&Ms).
- Monitor system status updates and report to senior leadership.
- Includes monthly executive reports, vulnerability reports, JFHQ DODIN reporting and briefing.
- Monthly executive briefing to SISO, PM on security metrics.
- Draft and present RMF deliverables to senior leadership.
- Work directly with a distributed team to reduce travel.
Requirements
- TS/SCI required
- A minimum of 2 years of Information Technology Information Assurance, or Cyber Security engineering experience.
- A minimum of 2 years of experience in conducting security assessments by reviewing security controls with the ISSO/ISSM and guide programs through RMF process.
- Bachelor’s Degree in Engineering, Computer Science, or 8 years IT field experience in lieu of degree; Master’s Degree preferred
- Proven expertise with assessing security controls in accordance with NIST Special Publications (i.e.: NIST 800 Series)
- Proven in-depth knowledge of Cybersecurity principles technologies, and processes.
- Experience with NIST 800-53, Security Development
- Familiarity with performing assessments for Unclassified and Classified environments
- Ability to adapt to process changes
- Ability to interface with senior leadership
- Ability to support high visibility or high priority projects
- Possession of excellent oral and written communication skills.
Benefits
- Health insurance
- Retirement plans
- Paid time off
- Flexible work arrangements
- Professional development
- Zero Harm culture
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Lead a multidisciplinary team at NXP focused on the proactive identification and analysis of security vulnerabilities in semiconductor products. Drive innovative approaches to security testing and team management.
Security Architect designing security architectures for embedded products at NXP. Collaborating with teams on threat assessments and managing security requirements in IoT/Automotive domains.
Security Software Engineer at Pinterest developing IAM infrastructure and tools for identity and authorization. Collaborating on mission - critical features in a team - focused environment.
Senior Network and Security Information Analyst defining and implementing network and information security at Airbus. Managing security assets and compliance across the organization while documenting and reporting vulnerabilities.
Associate Consultant for Microsoft Security focused on supporting the delivery of security solutions. Collaborate with experienced consultants and learn in a remote - first environment with occasional onsite work.
Software Engineering Intern at Red Hat working on the security of software production pipelines. Contributing to projects involving AI tools and secure development practices in Brno, Czech Republic.
Technical support intern assisting clients and monitoring backup systems. Involves client interaction, system maintenance, and adherence to legal standards.
GRC Lead managing security compliance and risk governance in Egypt. Driving initiatives for ISO 27001 alignment and overseeing security audits and policies.
Cybersecurity Engineer responsible for safeguarding information systems and developing cyber security capabilities. Involves project management and collaboration through all phases of software development lifecycle.