The Junior Aerospace Cybersecurity Specialist supports the protection of embedded control systems in aerospace platforms—including flight control, engine control, and avionics systems—against cyber threats. This role assists in security risk assessments, vulnerability analysis, secure system design reviews, and the implementation of cybersecurity measures during development, testing, and integration phases.
Assist in Risk Assessments:
Support the identification and documentation of cybersecurity risks in control systems and embedded software environments.
Support Security Testing:
Aid in penetration testing, vulnerability scanning, and threat modeling of flight control and communication systems under supervision.
Secure Development Practices:
Work with systems and software engineering teams to apply secure coding standards and validate cybersecurity requirements in embedded systems.
Monitoring & Logging:
Support the configuration and analysis of security logs, system alerts, and anomaly detection tools related to control system traffic.
Compliance Documentation:
Assist with the creation and maintenance of security documentation to ensure compliance with DO-326A, DO-355, NIST, and other aerospace cybersecurity guidelines.
System Hardening Support:
Participate in efforts to harden embedded operating systems, firmware, and communication buses (e.g., CAN, ARINC 429, MIL-STD-1553).
Training & Awareness:
Learn about evolving cyber threats, tools, and mitigation techniques specific to avionics and aerospace environments.
Control System Security Exposure:
Gain exposure to real-time, safety-critical aerospace control systems, and understand their attack surfaces and protection requirements.
Secure System Lifecycle Support:
Support the integration of cybersecurity into the full lifecycle of aerospace systems—from concept and design to flight test and deployment.
Cyber Threat Awareness:
Develop foundational knowledge in threat actors, vulnerabilities, and intrusion techniques targeting aerospace control systems.
Standards & Compliance Foundations:
Become familiar with key industry frameworks and compliance needs (e.g., DO-326A/DO-356A, NIST SP 800-53, ISO/SAE 21434, FAR Part 25.1316).
Hands-On Learning:
Build experience using security tools (e.g., Wireshark, Metasploit, Nessus), embedded system emulators, and testbed environments.
Bachelor’s degree in Cybersecurity, Computer Engineering, Electrical Engineering, or related technical discipline
Coursework or internship experience in cybersecurity, embedded systems, or network security
Familiarity with communication protocols (TCP/IP, CAN, RS-422, ARINC 429) and operating systems (Linux, VxWorks, RTOS) is a plus
Basic knowledge of cybersecurity tools and techniques (firewalls, encryption, intrusion detection)
Strong problem-solving skills and willingness to work in regulated, safety-critical environments
U.S. citizenship or eligibility for security clearance may be required, depending on employer/project