Fort Worth, TX (face to face)
Long-term Contract
Description:
· Writes, tests, and documents technical work products (e.g., code, scripts, processes) according to organizational standards and practices
· Solves technical problems and builds components/libraries with far-ranging impact
· Delivers high quality work and coaches more junior engineers on technical craftsmanship
· Conducts root cause analysis to identify systemic problems and defines and leads execution of action items to address
· Designs thoughtfully integrated systems that model organizational best practices, allowing disparate teams across product domains to deliver value with speed, scale, and reliability
· Oversees the management of technical debt in existing systems and drives opportunities to eliminate within ongoing implementations
· Consistently anticipates scaling, latency, and durability challenges and guides teams in implementation of mitigating strategies
· Partners with the security organization to incorporate security conscious practices early in the lifecycle of new systems
· Thoughtfully evaluates technical risks and guides toward practical prevention strategies
· Consistently reflects on squad delivery practices throughout their span of influence, recommends improvements to leadership and drives their implementation
· Maintains a focus on removing the duplication of effort across teams and proactively identifies opportunities for reuse within their span of influence
· Thoughtfully measures and assesses team and identifies areas of development for individuals
· Explores emerging technologies, leads development of prototypes with little or no guidance and incorporates into architectural solutions where appropriate
Top Requirement:
5+ years in security engineering with demonstrated independent project ownership (not queue-based SOC analyst experience), including hands-on PKI engineering
Self-directed detection engineering & investigation — Microsoft Sentinel, KQL/query and rule authoring, dashboards, and end-to-end security event investigation, driven independently with strong written documentation (not queue/triage-based SOC work).
PKI engineering (not just certificate consumption) — demonstrable understanding of PKI solution design and operations: enrollment protocols (SCEP, EST), Certificate Policy / Certification Practice Statement (CP/CPS), trusted roles, Levels of Assurance, NIST SP 800-63, and real use cases such as certificate-based authentication and software signing/validation.
Remediation lifecycle engineering — owning remediation-plan review and vulnerability/finding tracking from finding to validated closure.
Nice to Have Skills and Experience (preferred but not required):
Hands-on AI/agentic security tooling (e.g., Claude / LLM-assisted code & configuration analysis, prompt engineering for security use cases) per CISO AI direction; Absolute endpoint platform engineering (SSO, policy groups, API); scripting/automation (Python/PowerShell); aviation / OT / cyber-physical or embedded-systems exposure; HSM / key-management and code-signing infrastructure; aviation secu
Comment: This is Sr Engineer, Aircraft Security (Detection, Remediation & PKI). Willing to work onsite 3x a week. 1 virtual, 1 onsite interview. Not open to visa candidates at this time.
Updated from the Hiring manager:
OTHER: Please read
Contract is renewable
This is not a SOC / alert-queue role. There is no ticket queue, no shift rotation, and no one handing out tasks — the engineer is expected to own outcomes and drive them to completion independently. You will operate as a self-directed engineer on the Aircraft Security team, identifying what needs to be built, scoping it, and delivering it with minimal direction.
Representative work (you decide the "how"): engineer and continuously improve detection content and analytics across aircraft/connected-system telemetry (Microsoft Sentinel / SIEM and related analytics platforms); investigate security events end-to-end and drive response; own remediation plans from finding to validated closure; engineer and operate the Absolute endpoint/device platform (SSO, policy groups, API integrations); bring PKI engineering depth across aircraft-security certificate use cases — enrollment protocols (SCEP/EST), trusted-role operations, and certificate lifecycle for certificate-based authentication and software signing/validation; and apply AI/agentic tooling (e.g., Claude security capability) to work faster and go deeper. You are expected to spot the big-picture problem, propose the approach, and execute. This seat backfills a departing senior engineer who owned detection analytics, log investigations, remediation-plan review, and the Absolute platform.
Needs a self-starting, entrepreneurial engineer — a "go-getter," not a "ticket-taker." They thrive with ownership and ambiguity: given a goal rather than a task list, they scope the work, set the direction, and deliver. Big-picture thinker who connects detection, remediation, and PKI into a coherent security outcome, and applies their craft without needing to be managed task-to-task. Brings real PKI engineering depth (SCEP/EST, CP/CPS, trusted roles, Levels of Assurance, NIST SP 800-63, certificate-based auth and software signing/validation — not just certificate usage), is comfortable using AI/agentic tooling to move faster, and operates independently in a small, high-trust team covering safety-sensitive systems. This role will not be a fit for someone who wants a steady queue of assigned tickets or close day-to-day direction.
What is the team environment and structure like?:
Small, senior, mission-focused Aircraft Security team within AA Cybersecurity. Lanes include platform engineering, PKI/certificate ops, logging/SIEM, analytics/remediation, fleet delivery, and risk/compliance. Collaborative, low-bureaucracy, high-autonomy, agile cadence; the team runs on ownership rather than assigned tasks. Reports to the Sr Manager, Cyber Physical Security.
How will the resource(s) fit into your team?:
Fills the analytics/remediation engineering lane vacated by a departing senior engineer and adds PKI engineering depth that reduces single-point-of-failure risk in the certificate lane. The engineer absorbs a short knowledge transfer at onboarding, then takes independent ownership of detection analytics, log investigations, remediation tracking, and the Absolute platform.