Job Description

The ISR (Intelligence, Surveillance & Reconnaissance), Aviation, and Security (IAS) business area is a leader in ISR and aviation, it is a leading prime manned and unmanned aircraft systems integrator for innovative, high-performance ISR and aviation systems. Its end-to-end Command, Control, Computers, Communications and Intelligence, Surveillance & Reconnaissance (C4ISR) capabilities encompass design, integration, test, certification, ground/flight training and complete logistics support. IAS tailors solutions to customer cost, performance, and schedule requirements and designs to consistently exceed expectations – with an unrivaled record of on time and on (or under) budget deliveries.

If you like solving complex IT and security problems using your deep analytical skills, this is the opportunity for you! As a Senior Systems Security Engineer, you will lead the design and implementation of our security infrastructure. You will manage complex security projects, provide strategic direction for security practices, and mentor junior engineers.

Responsibilities:

Application Administration — Backend & Frontend

• Manage the full application lifecycle for critical engineering and DevOps platform applications — installation, configuration, patching, version upgrades, and retirement across RHEL/Linux environments.
• Administer backend application server infrastructure including Apache Tomcat, JBoss/WildFly, or equivalent Java EE application servers — including heap tuning, connection pool management, and log configuration.
• Manage frontend application delivery including web server configuration (Apache HTTPD, Nginx), reverse proxy setup, SSL/TLS certificate management, and load balancer integration.
• Develop and maintain application configuration baselines — version-controlled configuration files, environment-specific parameter management, and configuration drift detection.
• Execute application patching and update cycles in alignment with program change management processes — including pre-patch testing, rollback planning, and post-patch validation.
• Monitor application health, performance, and availability using platform-specific monitoring tools and enterprise monitoring solutions — proactively identify and resolve performance degradation before it impacts users.
• Maintain application licensing compliance — track license utilization, manage license server configurations, and coordinate renewals and procurement with program management.

RHEL / Linux Systems Administration

• Administer Red Hat Enterprise Linux (RHEL) and/or CentOS/Rocky Linux environments supporting engineering application workloads — including system installation, hardening, user management, and package management (RPM/YUM/DNF).

• Manage Linux system services, startup configurations (systemd), file system management, and storage mount points for application data and log directories.

• Implement and maintain RHEL DISA STIG hardening — apply security controls, manage firewall rules (firewalld/iptables), configure SELinux policies, and provide STIG compliance evidence for ATO/RMF packages.

• Perform Linux performance tuning for application workloads — kernel parameter optimization, I/O scheduling, network stack tuning, and memory management.

• Develop shell scripts (Bash) and automation for routine administration tasks — log rotation, health checks, backup execution, user provisioning, and configuration validation.

• Manage LDAP/Active Directory integration for Linux-hosted applications — configure Kerberos authentication, PAM modules, and SSSD for centralized identity management.

JFrog / Artifactory Administration

• Install, configure, and administer JFrog Artifactory as the program's enterprise artifact repository — including repository configuration (local, remote, virtual), user and group management, permission targets, and access federation.

• Manage artifact lifecycle policies — retention rules, cleanup policies, storage quota management, and artifact promotion workflows across development, staging, and production repositories.

• Configure Artifactory integration with CI/CD pipelines — GitLab CI, Jenkins, or equivalent — ensuring artifact publish, resolve, and promotion workflows function reliably across the DevSecOps pipeline.

• Implement and maintain software supply chain security controls in Artifactory — Xray integration for vulnerability scanning, license compliance enforcement, and malicious package detection on inbound dependencies.

• Manage Artifactory high availability configurations, backup and restore procedures, and database backend maintenance (PostgreSQL or equivalent).

• Administer JFrog Distribution or JFrog Pipelines if in scope — coordinate artifact distribution to downstream environments including air-gapped or classified network segments.

GitLab / GitHub Administration

• Administer GitLab self-managed or GitLab.com instances — including installation and upgrades, runner configuration and management, group and project structure governance, and user access control (RBAC).

• Configure and maintain GitLab CI/CD pipeline infrastructure — shared runners, specific runners, runner scaling, and pipeline security controls including protected branches and approval rules.

• Administer GitHub Enterprise or GitHub.com organization settings — repository management, team and permission structures, branch protection rules, Actions workflow governance, and security policy enforcement.

• Implement GitLab/GitHub security hardening — audit log management, secret scanning, dependency scanning, SAST integration, and compliance framework configuration.

• Manage GitLab/GitHub high availability, backup, and disaster recovery procedures — including Gitaly cluster management, object storage configuration, and restore testing.

• Support migration and consolidation of repositories between platforms or instances — including history preservation, permission mapping, and CI/CD pipeline migration.

3DEXPERIENCE (3DX) Platform Administration

• Maintain and administer the Dassault Systemes 3DEXPERIENCE (3DX) platform — including server configuration, service management, database backend administration, and user provisioning.

• Ensure 3DX data continuity and model integrity — manage collaborative spaces, platform backups, data restoration procedures, and version control for engineering models and assemblies.

• Perform 3DX platform upgrades, hotfix application, and patch management in alignment with program change management processes and Dassault Systemes maintenance windows.

• Configure 3DX roles, masks, and access control — manage user licenses, application roles (CATIA, ENOVIA, SIMULIA, DELMIA), and collaborative space permissions aligned with program authorization requirements.

• Administer 3DX integration touchpoints — manage connections between 3DX and adjacent engineering tools (Cameo, Jama, Teamcenter) including API configurations, data exchange pipelines, and synchronization workflows.

• Monitor 3DX platform performance, session management, and database health — identify and resolve bottlenecks that impact engineering team productivity.

• Support ATO/RMF activities for 3DX — apply applicable DISA STIGs or STIG-adjacent security controls for application and database layers and provide compliance documentation.

Cameo Systems Modeler Administration

• Configure and optimize Cameo Systems Modeler (No Magic / Dassault Systemes) for complex systems engineering modeling environments — including server-side Teamwork Cloud (TWC) administration and client deployment management.

• Administer Cameo Teamwork Cloud — manage projects, user access, branching and merging workflows, and model backup and restoration procedures.

• Manage Cameo license server configuration — Flexera/FlexLM or equivalent — including license allocation, concurrent usage monitoring, and license file updates.

• Configure Cameo integration with 3DX, Jama, and other engineering tools — establish and maintain data bridges, synchronization adapters, and API connections that enable cross-tool traceability.

• Support Cameo version upgrades and migration of model repositories — including compatibility testing, migration procedure development, and rollback planning.

• Provide Tier 2/3 technical support for Cameo modeling environment issues — profile configuration problems, plugin conflicts, TWC connectivity issues, and model integrity failures.

Jama Connect / TWC Requirements Management Administration

• Administer Jama Connect requirements management platform — including server administration, database backend management, user and group provisioning, and project configuration.

• Manage Jama Connect upgrades, patches, and backup/restore procedures — ensure availability and data integrity of requirements traceability data across program projects.

• Configure Jama Connect integrations — establish and maintain synchronization connections with Cameo Systems Modeler, Teamcenter, GitLab/Jira, and other downstream tools to ensure end-to-end requirements traceability.

• Administer Teamcenter Workflow and Configuration (TWC) components — manage workflow templates, access controls, and configuration management processes that support program baseline management.

• Maintain Jama and Teamcenter API configurations and integration middleware — troubleshoot synchronization failures, data mapping issues, and connectivity problems between requirements management and engineering execution tools.

• Support program requirements traceability audits — provide administrative evidence of data integrity, change history, and access control compliance for review and audit activities.

Integration Troubleshooting & Interoperability

• Serve as the primary technical escalation point for interoperability issues between engineering applications — diagnose and resolve integration failures between 3DX, Cameo, Jama, Teamcenter, GitLab/GitHub, and Artifactory.

• Develop and maintain integration architecture documentation — data flow diagrams, API dependency maps, authentication chain documentation, and integration runbooks for all cross-application connections.

• Implement integration monitoring and alerting — configure health checks, API availability monitoring, and data synchronization validation to detect integration failures before they impact engineering workflows.

• Manage middleware and integration platform components — message queues, REST/SOAP API gateways, authentication proxies, and data transformation services that support cross-application data exchange.

• Coordinate integration testing following application upgrades or configuration changes — develop regression test procedures that validate all cross-application workflows before production deployment.

• Maintain integration runbooks and escalation procedures — ensure all integration failure scenarios have documented resolution paths and escalation contacts.

Security, Compliance & Change Management

• Apply and maintain DISA STIG hardening for all administered platforms — OS-level (RHEL STIG), application-level (GitLab, Artifactory, application server STIGs), and support ATO/RMF package development with technical evidence and control documentation.

• Manage SSL/TLS certificate lifecycle for all administered applications — certificate issuance, renewal, deployment, and expiration monitoring across all platform endpoints.

• Implement role-based access control (RBAC) across all administered platforms — enforce least-privilege principles, conduct periodic access reviews, and remediate access control findings.

• Execute application changes through formal change management processes — change request submission, technical review participation, implementation planning, and post-change validation.

• Maintain technical documentation for all administered platforms — architecture diagrams, configuration baselines, runbooks, standard operating procedures, and change logs.

• Provide technical support for security audits, compliance assessments, and vulnerability management — coordinate remediation of findings across the administered application stack.

Qualifications You Must Have:

• Bachelor's degree in Systems Security, Network Engineering, Information Technology, or related Engineering discipline.
• 8+ years of experience in IT security or a related field.
• Relevant experience can be considered as a substitute for the required educational qualifications. In the absence of a degree, a minimum of 12 years of related experience is required.
• Higher level relevant degree may substitute for experience.
• Expert understanding of cybersecurity principles and practices.
• Experience with security frameworks and standards such as National Institute of Standards and Technology (NIST), ISO 27001.
• 5+ years of hands-on application administration experience in Linux/RHEL environments — including application installation, configuration, patching, and performance tuning in a production or program-of-record context.

• Demonstrated production experience administering GitLab and/or GitHub at an organizational or enterprise scale — including user/group management, CI/CD runner administration, access control governance, and platform upgrades.

• Demonstrated production experience administering JFrog Artifactory — including repository configuration, permission management, artifact lifecycle policies, and CI/CD pipeline integration.

• Hands-on experience administering at least two of the following engineering applications in a production or program environment: 3DEXPERIENCE (3DX), Cameo Systems Modeler / Teamwork Cloud, Jama Connect, or Siemens Teamcenter.

• Proficient Linux/RHEL system administration skills — RPM/YUM/DNF package management, systemd service management, user and group administration, shell scripting (Bash), and file system management.

• Experience troubleshooting complex multi-application integration failures — API connectivity, authentication chain issues, data synchronization failures, and middleware configuration problems.

• Working knowledge of SSL/TLS certificate management, network firewall rules, and application-layer security configuration in a Linux environment.
• Current/Active Top Secret U.S. Security Cearance is required.

Qualifications We Prefer:

• Relevant certifications: Red Hat Certified System Administrator (RHCSA), Red Hat Certified Engineer (RHCE), GitLab Certified Associate, JFrog Certified Professional, or equivalent.
• Experience administering all four engineering applications — 3DEXPERIENCE (3DX), Cameo Systems Modeler/Teamwork Cloud, Jama Connect, and Siemens Teamcenter — simultaneously within a single program environment.

• Experience administering engineering applications in a classified or air-gapped environment — including managing software distribution, license servers, and integration connectivity across network boundaries.

• DISA STIG application experience for Linux (RHEL STIG) and application platforms — including finding categorization (CAT I/II/III), remediation, false positive documentation, and ATO package contribution.

• Experience with containerization and orchestration platforms (Docker, Kubernetes, OpenShift) for engineering application deployment and management.

• Experience with JFrog Xray for software composition analysis (SCA), vulnerability scanning, and license compliance enforcement integrated into CI/CD pipelines.

• Familiarity with Dassault Systemes 3DX platform architecture — ENOVIA, CATIA V6, VPM, 3DSpace, 3DDashboard — and multi-tenant or multi-server 3DX deployment configurations.

• Experience administering Cameo Teamwork Cloud at scale — multi-server deployments, cluster configuration, model branching governance, and large-scale TWC migration projects.

• Experience with Identity and Access Management (IAM) integration — LDAP, Active Directory, Kerberos, SAML/SSO configuration for engineering application authentication.

• Scripting proficiency in Python or Ansible for application administration automation — configuration management, health check automation, and deployment scripting.

Essential Functions:

• Ability to work primarily at a computer for extended periods.
• Capability to participate in on-call rotation for incident response.
• Must be able to lift up to 25 lbs occasionally.
• Ability to work in an office or hybrid environment.
• Occasional travel may be required.

This posting will be open for application for a minimum of 5 days and may be extended based on business needs.

Estimated Starting Salary Range: $143,487.14 - $197,294.82. Compensation varies depending on a wide array of factors, such as candidates' key skills, relevant work experience, and education/training/certifications. The disclosed range estimate may be adjusted for any applicable geographic differential associated with the location at which the position may be filled.

SNC offers annual incentive pay based upon performance that is commensurate with the level of the position.

SNC offers a generous benefit package, including medical, dental, and vision plans, 401(k) with 150% match up to 6%, life insurance, 3 weeks paid time off, tuition reimbursement, and more

IMPORTANT NOTICE:

This position requires current/active Top Secret with SCI eligibility U.S. Security Clearance. U.S. Citizenship status is required as this position needs an active U.S. Security Clearance for employment. Non-U.S. Citizens may not be eligible to obtain a security clearance. The Department of Defense Consolidated Adjudications Facility (DoD CAF), a federal government agency, handles the adjudicative aspects of the security clearance eligibility process for industry applicants. Adjudicative factors which affect the outcome of the eligibility determination include, but are not limited to, allegiance to the U.S., foreign influence, foreign preference, criminal conduct, security violations and illegal drug use.

Learn more about the background check process for Security Clearances.

SNC is a global leader in aerospace and national security committed to moving the American Dream forward. We’re known and respected for our mission and execution focus, agility, and disruptive and rapid innovation. We provide leading edge technologies and transformative solutions that support our nation’s most critical security needs. If you are mission-focused, thrive in collaborative environments, and want to make our country stronger with state-of-the-art technologies that safeguard freedom, join our team!

SNC is an Equal Opportunity Employer committed to an environment free of discrimination. Employment decisions are made based on merit without regard to race, color, age, religion, sex, national origin, disability, status as a protected veteran or other characteristics protected by law.