Think Beyond The Label Jobs

At Oshkosh, we build, serve and protect people and communities around the world by designing and manufacturing some of the toughest specialty trucks and access equipment. We employ over 17,000 team members all united by a common purpose. Our engineering and product innovation help keep soldiers and firefighters safe, is critical in building and keeping communities clean and helps people do their jobs every day.

Move beyond the SOC and consider applying your cybersecurity skills in innovative and complex ways impacting some of the hardest working people in America.

The Senior Principal Product Cybersecurity Engineer works with the Customers, Project Managers, and the Product Engineering team to support secure engineering and design with a focus on automotive systems and subsystems. This role will heavily leverage ISO 21434 cybersecurity for road vehicles, understand NIST risk management framework (RMF), and cyber survivability attributes (CSA) to establish and mitigate risks to automotive systems.

YOUR IMPACT

• These duties are not meant to be all-inclusive and other duties may be assigned

• Evaluate, advise, and implement cybersecurity technologies onto vehicles and supporting systems

• Support the Product Engineering team in writing cyber security requirements, test plans, and conduct testing

• Apply Threat Analysis and Risk Assessment (TARA) concepts

• Peer review security critical areas of software and device configuration

• Document cybersecurity compliance

• Establish component cybersecurity requirements

• Leverage Software Bill-of-Materials (SBOM) to manage component security risk

• Monitor software applications and libraries for security vulnerabilities

• Write and maintain secure software development processes, procedures, and other associated documentation

• Translate cyber security standards into practical processes, procedures, and internal standards

• Strong leadership and interpersonal communication ability

MINIMUM QUALIFICATIONS:

• Bachelor’s degree with five (5) or more years of experience in the field or in a related area

• DoD approved 8570 Baseline certification for an IAM level III role

• Position requires the ability to obtain and maintain security clearance

• Experience applying STIGs and hardening Windows and Linux systems

• Server/workstation/firewall/webserver administration skills.

• Experience in running and managing vulnerability assessment tools

STANDOUT QUALIFICATIONS:

• Master’s degree in Cybersecurity, computer, software, or engineering discipline

• Ability to conduct decision analysis functions

• Familiarization with ISO 21434 Cybersecurity engineering for road vehicles

• Familiarity of relevant security standards such as: ISO 21434, SAE J3061, NIST requirements, FIPS 140/199/200

• Experience performing penetration tests on embedded and/or IoT systems

• Experience using and managing static analysis and software composition analysis tools

• Certifications: CISSP, GIAC, CAP, S+, ACT

WHY OSHKOSH?

Moving the future forward is our priority and this includes your future. We encourage professional development and champion our employees’ success through various skills and training opportunities. Named one of the World’s Most Ethical Companies™ by Ethisphere Institute for six consecutive years, everything we do at Oshkosh is guided by our core values and the 15k+ team members around the world who embody them.

We put people first. We do the right thing. We persevere. We are better together.

Visit our Glassdoor profile (https://www.glassdoor.com/Reviews/Oshkosh-Corporation-Reviews-E1740.htm)

Keep up with us on LinkedIn

#LI-VR

Oshkosh is committed to working with and offering reasonable accommodations to job applicants with disabilities. If you need assistance or an accommodation due to a disability for any part of the recruitment process, please contact our reception desk by phone at +1 (920) 502.3009 or our talent acquisition team by email corporatetalentacquisition@oshkoshcorp.com .

Oshkosh Corporation is an Equal Opportunity and Affirmative Action Employer. This company will provide equal opportunity to all individuals without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status. Information collected regarding categories as provided by law will in no way affect the decision regarding an employment application.

Oshkosh Corporation will not discharge or in any manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with Oshkosh Corporation's legal duty to furnish information.

Certain positions with Oshkosh Corporation require access to controlled goods and technologies subject to the International Traffic in Arms Regulations or the Export Administration Regulations. Applicants for these positions may need to be "U.S. Persons," as defined in these regulations. Generally, a "U.S. Person" is a U.S. citizen, lawful permanent resident, or an individual who has been admitted as a refugee or granted asylum.