Manager, Cybersecurity
- Recruiter
- PAC Panasonic Avionics Corporation
- Location
- Irvine
- Salary
- Competitive
- Posted
- 15 Sep 2024
- Closes
- 13 Oct 2024
- Job Type
- Cyber Security
- Employer Sector
- Technology, IT & Telecoms
- Contract Type
- Permanent
- Hours
- Full Time
Overview:
Manager, Cybersecurity
Responsibilities:
Our new global headquarters is conveniently located in Irvine, CA near John Wayne Airport in the Park Place development. For our onsite and hybrid employees you will be able to enjoy amenities such as access to many restaurants and shops, running trails, a fitness deck, outdoor seating, dry cleaning, car wash, free garage parking, car charging stations, shuttle service for train commuters, outdoor games like bocce, horseshoes, gaming tables, pickle ball, and basketball. For more information on Park Place visit (url removed).
Who We Are:
Ever wonder who brings the entertainment to your flights? Panasonic Avionics Corporation is in the industry for delivering inflight products such as movies, games, WiFi, and now Bluetooth headphone connectivity!
How exciting would it be to be a part of the innovation that goes into creating technology that delights millions of people in an industry that's here to stay! With our company's history spanning over 40 years, you will have stability, career growth opportunities, and will work with the brightest minds in the industry. And we are committed to a diverse and inclusive culture that will help our organization thrive! We seek diversity in many areas such as background, culture, gender, ways of thinking, skills and more.
If you want to learn more about us visit us at . And for a full listing of open job opportunities go to
The Position:
JOB SUMMARY
Manages the overall security of PAC's IFEC products and services in accordance with aviation–specific security standards and best practices. Responsible for securing and testing PAC products that are integrated into ground and aircraft networks. Provides strategic and tactical guidance to business decision–makers in identifying and mitigating security vulnerabilities. Responsible for identifying, evaluating, and reporting on security risks in a manner that meets or exceeds compliance and regulatory requirements. Oversee security testing activities and be the primary resource responsible for ensuring application security testing is conducted according to industry best practices.
MAJOR RESPONSIBILITIES
Product Security
Works closely with the Product Engineering team to review technical documents for products or software solutions to ensure security is integrated into the PAC products.
Review technical designs and ensure alignment with Aviation Industry Security Standards and technical bulletins.
Manages the ongoing vulnerability, scanning, and assessment process and partners with other IT teams to resolve vulnerabilities in a timely manner to maintain compliance.
Manages team of Product Security Engineers tasked with management of security tools, systems and processes including – Logging / PKI certificate management / airside system and network security / vulnerability assessment / regulatory compliance.
Technical expertise within Product Security who represents Panasonic Avionics Corporation in technical discussions with our airline customers or OEM manufacturers
Reduce regulatory compliance risk due to the inability to demonstrate compliance with various security controls for ISO27001:2022 certifications and OEM security audits
Key participant in the Aviation –ISAC to manage and remediate cyber risk through threat intelligence sharing and best practices.
Maintain and coordinate PKI certification operations and HSM signing services to support PAC business operations.
Product Security Operations
Responsible for aircraft security log implementation and log collection to support PAC's airline customers security monitoring programs.
Lead product security's vulnerability management and penetration testing programs to support aircraft hardware and software.
Participate in OEM product security audits and remediate security findings to support OEM security standards and provide technical guidance to various business units.
Troubleshoot security event logging technology and input into log correlation architecture
Develop enabling anomaly detection technology requirements and drive successful implementation for PAC products in the aircraft to improve security posture and assurance.
Use the integrated information to detect and respond to system attacks
Maintain an understanding of the current vulnerabilities, response, and mitigation strategies used in security operations
Coordinate with SWE and Product Engineer Management to resolve Product security design defects or vulnerabilities that are identified in aircraft hardware and software
Lead PCI–SSF Payment application recertification for Panasonic Avionics payment applications
Provide the metrics and reporting framework to measure the efficiency and effectiveness of the security programs, facilitate appropriate resource allocation, and increase the maturity of the information security.
Incident Response
Experience in information security incident response and operational management
Monitor the external threat environment for emerging threats, and advise relevant stakeholders on the appropriate courses of action
Analyze and report cyber threats as well as assist in deterring, identifying, monitoring, investigating and analyzing computer network intrusions
Coordinate the development of implementation of incident response plans and procedures to ensure that business–critical services are recovered in the event of a security event; provide direction, support and in–house consulting in these areas
Test incident response capabilities
The salary or hourly wage range of $131,000 – $220,000 is just one component of Panasonic's total package. The final offer amount may vary based on factors including but not limited to individual's knowledge, skills, experience, and location. In addition, this role may be eligible for discretionary bonuses and incentives. The minimum hourly wage for this role will be the greater of the posted range, or minimum wage for the location where the employee will be working, subject to local minimum wage requirements.
What We're Looking For:
KNOWLEDGE/SKILL REQUIREMENTS
Articulate with strong verbal and written communication skills; interpersonal and collaborative skills; and the ability to communicate security and risk–related concepts to technical and non–technical audiences.
Must be a critical thinker with strong problem–solving skills.
Lead OEM Audits and ensure that PAC's cybersecurity program aligns with aviation industry standards and best practices.
Ability to lead and motivate cross–functional, interdisciplinary teams to achieve tactical and strategic goals.
Knowledge of security and control frameworks such as those defined by NIST, PCI–DSS, and OEM security standards.
Deep understanding of security architecture and engineering discipline, processes, concepts and best practices.
High degree of initiative, dependability and ability to work both collaboratively and independently.
Works with other Executives and Senior Managers to establish strategic plans and objectives. Makes final decisions on administrative or operational matters and ensures operational goal achievement.
Works on complex issues where analysis of situations or data requires an in–depth knowledge of the company. Participates in corporate development of methods, techniques and evaluation criteria for projects, programs, and people.
Deep understanding of cryptography, authentication, authorization, network security protocols, and product security implementation.
EDUCATION/EXPERIENCE REQUIREMENTS
Bachelors' degree in Information Systems or related field. (Master's degree a plus)
Industry certifications such as CISSP, CCSP, CISM, GCIH, GSEC or equivalent experience
Hold a current penetration testing certification such as GPEN, CEH, and/or OSCP
5 years of related work experience with product security, secure software development, risk assessment, or vulnerability management
Experience with large security control testing programs and/or security projects, e.g. product hardware control testing, product software testing, and security implementation of products with aircraft.
Prior experience with information security frameworks, secure network architecture and design, cloud computing, and secure application architecture/design preferred.
Knowledge of applicable industry standards, leading security practices, and regulatory requirements
Demonstrated acumen in the security protection of IT systems and processes.
Maintains network service operational resiliency by risk–based assessments and architectural alignment.
Creates awareness of emerging vulnerabilities, develops remediation plans and ensures effective communication of any impact to company products and services.
Remain current on constantly emerging Cybersecurity threats to ensure continual protection of assets and company/customer information.
Full management authority concerning staffing, performance appraisals, promotions, salary recommendations, performance management and terminations.
Collaborate with key subject matter experts, both internal and external to analyze and assess the current and future threat landscape. Develop and continuously improve a comprehensive security program that addresses identified risks.
Our Principles:
. click apply for full job details
Manager, Cybersecurity
Responsibilities:
Our new global headquarters is conveniently located in Irvine, CA near John Wayne Airport in the Park Place development. For our onsite and hybrid employees you will be able to enjoy amenities such as access to many restaurants and shops, running trails, a fitness deck, outdoor seating, dry cleaning, car wash, free garage parking, car charging stations, shuttle service for train commuters, outdoor games like bocce, horseshoes, gaming tables, pickle ball, and basketball. For more information on Park Place visit (url removed).
Who We Are:
Ever wonder who brings the entertainment to your flights? Panasonic Avionics Corporation is in the industry for delivering inflight products such as movies, games, WiFi, and now Bluetooth headphone connectivity!
How exciting would it be to be a part of the innovation that goes into creating technology that delights millions of people in an industry that's here to stay! With our company's history spanning over 40 years, you will have stability, career growth opportunities, and will work with the brightest minds in the industry. And we are committed to a diverse and inclusive culture that will help our organization thrive! We seek diversity in many areas such as background, culture, gender, ways of thinking, skills and more.
If you want to learn more about us visit us at . And for a full listing of open job opportunities go to
The Position:
JOB SUMMARY
Manages the overall security of PAC's IFEC products and services in accordance with aviation–specific security standards and best practices. Responsible for securing and testing PAC products that are integrated into ground and aircraft networks. Provides strategic and tactical guidance to business decision–makers in identifying and mitigating security vulnerabilities. Responsible for identifying, evaluating, and reporting on security risks in a manner that meets or exceeds compliance and regulatory requirements. Oversee security testing activities and be the primary resource responsible for ensuring application security testing is conducted according to industry best practices.
MAJOR RESPONSIBILITIES
Product Security
Works closely with the Product Engineering team to review technical documents for products or software solutions to ensure security is integrated into the PAC products.
Review technical designs and ensure alignment with Aviation Industry Security Standards and technical bulletins.
Manages the ongoing vulnerability, scanning, and assessment process and partners with other IT teams to resolve vulnerabilities in a timely manner to maintain compliance.
Manages team of Product Security Engineers tasked with management of security tools, systems and processes including – Logging / PKI certificate management / airside system and network security / vulnerability assessment / regulatory compliance.
Technical expertise within Product Security who represents Panasonic Avionics Corporation in technical discussions with our airline customers or OEM manufacturers
Reduce regulatory compliance risk due to the inability to demonstrate compliance with various security controls for ISO27001:2022 certifications and OEM security audits
Key participant in the Aviation –ISAC to manage and remediate cyber risk through threat intelligence sharing and best practices.
Maintain and coordinate PKI certification operations and HSM signing services to support PAC business operations.
Product Security Operations
Responsible for aircraft security log implementation and log collection to support PAC's airline customers security monitoring programs.
Lead product security's vulnerability management and penetration testing programs to support aircraft hardware and software.
Participate in OEM product security audits and remediate security findings to support OEM security standards and provide technical guidance to various business units.
Troubleshoot security event logging technology and input into log correlation architecture
Develop enabling anomaly detection technology requirements and drive successful implementation for PAC products in the aircraft to improve security posture and assurance.
Use the integrated information to detect and respond to system attacks
Maintain an understanding of the current vulnerabilities, response, and mitigation strategies used in security operations
Coordinate with SWE and Product Engineer Management to resolve Product security design defects or vulnerabilities that are identified in aircraft hardware and software
Lead PCI–SSF Payment application recertification for Panasonic Avionics payment applications
Provide the metrics and reporting framework to measure the efficiency and effectiveness of the security programs, facilitate appropriate resource allocation, and increase the maturity of the information security.
Incident Response
Experience in information security incident response and operational management
Monitor the external threat environment for emerging threats, and advise relevant stakeholders on the appropriate courses of action
Analyze and report cyber threats as well as assist in deterring, identifying, monitoring, investigating and analyzing computer network intrusions
Coordinate the development of implementation of incident response plans and procedures to ensure that business–critical services are recovered in the event of a security event; provide direction, support and in–house consulting in these areas
Test incident response capabilities
The salary or hourly wage range of $131,000 – $220,000 is just one component of Panasonic's total package. The final offer amount may vary based on factors including but not limited to individual's knowledge, skills, experience, and location. In addition, this role may be eligible for discretionary bonuses and incentives. The minimum hourly wage for this role will be the greater of the posted range, or minimum wage for the location where the employee will be working, subject to local minimum wage requirements.
What We're Looking For:
KNOWLEDGE/SKILL REQUIREMENTS
Articulate with strong verbal and written communication skills; interpersonal and collaborative skills; and the ability to communicate security and risk–related concepts to technical and non–technical audiences.
Must be a critical thinker with strong problem–solving skills.
Lead OEM Audits and ensure that PAC's cybersecurity program aligns with aviation industry standards and best practices.
Ability to lead and motivate cross–functional, interdisciplinary teams to achieve tactical and strategic goals.
Knowledge of security and control frameworks such as those defined by NIST, PCI–DSS, and OEM security standards.
Deep understanding of security architecture and engineering discipline, processes, concepts and best practices.
High degree of initiative, dependability and ability to work both collaboratively and independently.
Works with other Executives and Senior Managers to establish strategic plans and objectives. Makes final decisions on administrative or operational matters and ensures operational goal achievement.
Works on complex issues where analysis of situations or data requires an in–depth knowledge of the company. Participates in corporate development of methods, techniques and evaluation criteria for projects, programs, and people.
Deep understanding of cryptography, authentication, authorization, network security protocols, and product security implementation.
EDUCATION/EXPERIENCE REQUIREMENTS
Bachelors' degree in Information Systems or related field. (Master's degree a plus)
Industry certifications such as CISSP, CCSP, CISM, GCIH, GSEC or equivalent experience
Hold a current penetration testing certification such as GPEN, CEH, and/or OSCP
5 years of related work experience with product security, secure software development, risk assessment, or vulnerability management
Experience with large security control testing programs and/or security projects, e.g. product hardware control testing, product software testing, and security implementation of products with aircraft.
Prior experience with information security frameworks, secure network architecture and design, cloud computing, and secure application architecture/design preferred.
Knowledge of applicable industry standards, leading security practices, and regulatory requirements
Demonstrated acumen in the security protection of IT systems and processes.
Maintains network service operational resiliency by risk–based assessments and architectural alignment.
Creates awareness of emerging vulnerabilities, develops remediation plans and ensures effective communication of any impact to company products and services.
Remain current on constantly emerging Cybersecurity threats to ensure continual protection of assets and company/customer information.
Full management authority concerning staffing, performance appraisals, promotions, salary recommendations, performance management and terminations.
Collaborate with key subject matter experts, both internal and external to analyze and assess the current and future threat landscape. Develop and continuously improve a comprehensive security program that addresses identified risks.
Our Principles:
. click apply for full job details