Information Technology : Cybersecurity Engineer, Air Traffic Control Systems - Frederick, MD

Your tasks

• LDAP Directory Server Implementation:
• Design, deploy, and maintain LDAP based directory services (e.g., OpenLDAP).
• Integrate Linux systems, applications, and security tools with enterprise authentication directories.
• Configure secure communication (TLS), replication, schema design, and access control policies.
• Ensure directory service scalability, high availability, and compliance with security best practices.
• Development of Syslog Aggregation Service:
• Architect and implement a centralized syslog aggregation environment (e.g., rsyslog, syslog ng, Elastic Stack, Graylog).
• Develop and maintain ingestion pipelines, log normalization, and storage strategies.
• Implement log integrity controls and access management to meet audit and compliance requirements.
• Monitor log infrastructure performance and ensure reliable log collection across all VCS system assets.
• Linux Server Administration:
• Manage, configure, and troubleshoot Linux server platforms (a. o. Oracle Linux 9).
• Perform system provisioning, patching, updates, and lifecycle management.
• Implement automation (Ansible, Bash, Python) to improve system reliability and reduce manual tasks.
• Monitor system performance, availability, and security across production and staging environments.
• Linux Cybersecurity Penetration Testing
• Conduct penetration tests and security assessments of Linux systems, services, and applications.
• Identify vulnerabilities, misconfigurations, and privilege escalations through manual and automated testing.
• Work with engineering and operations teams to remediate findings and improve system security posture.
• Prepare detailed reports, risk assessments, and technical recommendations.
• Hardening of Linux Services (DISA STIG):
• Apply DISA STIG benchmarks and hardening requirements to Linux systems and applications.
• Develop and maintain compliance baselines using automated tools (e.g., OpenSCAP, Ansible STIG roles).
• Perform regular compliance scans and deliver remediation plans.
• Document hardening configurations, exceptions, and system security plans.

Your qualifications

• BS degree in Computer Science, Engineering, or related field. Masters preferrred.
• 10+ years experience
• Strong understanding of NIST SP 800‑53 and related cybersecurity and risk management frameworks.
• Experience in developing System Security Plans or similar regulatory documentation.
• Solid knowledge of system security architecture design, including secure networks, communication protocols, and system modeling.
• Familiarity with safety‑critical or real‑time systems, preferably within aviation, transportation, or defense.
• Ability to perform structured security assessments and threat modeling.
• Experience collaborating with cross‑functional engineering and R&D teams.
• Strong analytical, documentation, and technical communication skills
• Experience in the aviation domain (ATC) is preferred.
• Understanding of regulatory ecosystems such as EUROCONTROL, ICAO, EASA is a plus.
• Strong expertise with Linux operating systems and command line administration.
• Deep understanding of identity services, LDAP architecture, and secure authentication mechanisms.
• Experience developing and managing centralized logging and syslog infrastructures.
• Knowledge of cybersecurity standards, system hardening frameworks, and security architectures.
• Hands on experience conducting penetration tests or security assessments on Linux environments.
• Familiarity with DISA STIG, CIS Benchmarks, or similar compliance frameworks.
• Proficiency in scripting languages (Bash, Python) and configuration management tools (Ansible).
• Solid understanding of networking concepts, TCP/IP, firewalls, and secure protocols.
• In order to be considered, candidates must reside in the US and have US citizenship, and be able to obtain US Government Public Trust Security Clearance. Preferred Qualifications:
• Certifications: RHCE, Security+, CEH, OSCP, GCUX, GCIA, or similar.
• Experience with automation tools for hardening and compliance (SCAP, Ansible STIG).
• Exposure to SIEM platforms and advanced logging systems.
• Experience with virtualization and cloud platforms (VMware, AWS, Azure, OpenStack).

Interested?

We are looking forward to receiving your application!

The total compensation for this position is $97K-$140K. Total compensation includes base salary, variable pay (when applicable) plus benefits. The range is determined by the position, geographic location and level. Individual pay within the range is determined by several factors including location, education or training, relevant work history, sales incentive structure and job-related skills.

Rohde & Schwarz is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to sex, race, color, religion, national origin, disability, protected Veteran status, age or any other characteristic protected by law.