Skip to content
Senior Open Source / Software Compositional Analysis Engineer
| Company | RTX |
|---|
| Location | Texas, USA |
|---|
| Salary | $82000 – $164000 |
|---|
| Type | Full-Time |
|---|
| Degrees | Bachelor’s |
|---|
| Experience Level | Senior |
|---|
Requirements
- Typically requires a Bachelor’s in Science, Technology, Engineering, or Mathematics (STEM preferred) and a minimum of 5 years of prior engineering experience.
- Experience evaluating Open-Source licenses and cybersecurity risks
- Familiarity with vulnerability data bases (e.g., NIST Vulnerability Database) and Software Compositional Analysis tools (e.g., BlackDuck)
- Experience with Software Engineering or Cybersecurity
- Experience with DevSecOps
- Experience with Agile development such as Scrum, Continuous Integration, Automated Testing, etc.
- Experience developing and delivering training or technical presentations (e.g., lunch and learns, customer presentations, milestone reviews, proposal orals, symposium talks, conference presentations, or formal/informal technical training)
- The ability to obtain and maintain a U.S. government issued Secret security clearance is required. U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance.
Responsibilities
- Support development of an OSPO and associated services to RTX functions and programs.
- Support the development of Open-Source policies, processes and enablers
- Support the development of Open-Source training for management and engineering.
- Perform cybersecurity and license risk analysis and determine if the proposed FOSS risks are acceptable for the planned use and document risk mitigation steps.
- Keep track of Open-Source adoption, use, maintenance and retirement.
- Contribute to secure development and DevSecOps projects.
- Work with Legal and Intellectual Property to obtain approval for Open-Source releases to the community.
Preferred Qualifications
- Highly preferred experience with Software Compositional Analysis (SCA)
- Experience developing risk mitigation plans
- Experience developing cybersecurity incident reports
- Experience with Static Application Security Testing (SAST)
- Strong software development skills and experience
- Security accreditations – i.e. CISSP, Certified Ethical Hacker (CEH)
- Experience in Systems Engineering, Systems Test and/or Software Disciplines design, development, and test activities
- Experience working with multi-disciplinary teams (e.g., Systems Engineering, Systems Test, Cybersecurity, Software)
- Working knowledge of cloud-based computing, AWS preferred
- Experience with automated cybersecurity practices
- Experience in developing and delivering technical training
- Excellent interpersonal communication and public speaking skills
- Good technical writing skills and experience (white papers, trade studies, process enablers, learning materials, presentations)
- Located within a one-hour drive to an RTX facility
- Active Security Clearance
