Information Technology : Cybersecurity Engineer, Air Traffic Control Systems - Frederick, MD

Your tasks

• Perform detailed cybersecurity assessments of ATC systems, subsystems, and COTS components.
• Map component level controls to applicable cybersecurity frameworks, primarily NIST SP 800 53, as well as complementary frameworks (e.g., NIST CSF, ISO 27001, or aviation specific guidelines when applicable).
• Identify deficiencies, evaluate risk impact on safety critical functions, and define remediation recommendations.
• Produce assessment reports, risk matrices, and control implementation summaries.
• Contribute to the creation, documentation, and maintenance of System Security Plans for ATC systems across their life cycle.
• Describe system boundaries, data flows, interfaces, security controls, operational environments, and residual risks.
• Ensure consistency with regulatory, customer, and internal compliance requirements.
• Collaborate with systems engineering and certification teams to prepare security deliverables for audits and approval processes.
• Design secure architectures for ATC systems, addressing confidentiality, integrity, availability, traceability, and resilience.
• Define system level and component level security controls, zoning concepts, segmentation, and protective monitoring strategies.
• Produce architecture diagrams, security models, and interface control documents.
• Align solutions with aviation safety critical constraints, real time performance requirements, and applicable cybersecurity policies.
• Support R&D and engineering teams by translating security requirements into actionable engineering tasks.
• Review system designs, prototypes, and interfaces for compliance with security standards.
• Provide guidance on closing identified security gaps through secure coding practices, architectural changes, or control enhancement.
• Communicate complex cybersecurity concepts in a clear, engineering-friendly manner.

Your qualifications

• BS degree in Computer Science, Engineering, or related field. Masters preferrred.
• 10+ years experience
• Strong understanding of NIST SP 800‑53 and related cybersecurity and risk management frameworks.
• Experience in developing System Security Plans or similar regulatory documentation.
• Solid knowledge of system security architecture design, including secure networks, communication protocols, and system modeling.
• Familiarity with safety‑critical or real‑time systems, preferably within aviation, transportation, or defense.
• Ability to perform structured security assessments and threat modeling.
• Experience collaborating with cross‑functional engineering and R&D teams.
• Strong analytical, documentation, and technical communication skills
• Experience in the aviation domain (ATC) is preferred.
• Understanding of regulatory ecosystems such as EUROCONTROL, ICAO, EASA is a plus.
• Certifications such as CISSP, GSEC, GCSA, or similar.
• Experience with model‑based systems engineering (MBSE) tools such as Cameo, Capella, or Enterprise Architect.
• Knowledge of risk assessment methodologies (FTA, FMEA, TARA, etc.).
• In order to be considered, candidates must reside in the US and have US citizenship, and be able to obtain US Government Public Trust Security Clearance.

Interested?

We are looking forward to receiving your application!

The total compensation for this position is $97K-$140K. Total compensation includes base salary, variable pay (when applicable) plus benefits. The range is determined by the position, geographic location and level. Individual pay within the range is determined by several factors including location, education or training, relevant work history, sales incentive structure and job-related skills.

Rohde & Schwarz is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to sex, race, color, religion, national origin, disability, protected Veteran status, age or any other characteristic protected by law.