Wind River is a global leader in delivering software for mission-critical intelligent systems. For more than four decades, the company has been an innovator and pioneer, powering billions of systems that require the highest levels of security, safety, and reliability. Helps customers across automotive, aerospace, defense, industrial, medical, and telecommunications industries solve complex technology challenges. Plays a key role in NASA space missions such as Artemis I, the James Webb Space Telescope, and multiple Mars rovers. Achieved recent 5G milestones including the world’s first successful 5G data session with Verizon and building one of the largest Open RAN networks in the world with Vodafone. Received industry recognition for technology innovation and leadership, and for workplace culture, including global Great Place to Work certification. Named a “Top Workplace” for ten consecutive years. Encourages a unique culture based on growth mindset, customer-focus, and diversity, equity, inclusion & belonging.
Senior Security & Compliance Engineer
Location
Texas
Posted
127 days ago
Salary
0
Seniority
Senior
Job Description
Senior Security & Compliance Engineer
Aptiv
• Drive adherence to FIPS, STIG, CIS benchmarks, and Secure Development Lifecycle (SDL) practices • Manage encryption tools (e.g., OpenSSL and related libraries) and ensure cryptographic compliance • Implement and maintain segmentation, secrets management, certificate lifecycle processes, and least privilege access controls • Ensure audit readiness and compliance with industry standards • Oversee generation of OS images (.iso, qcow2, container images) and maintain secure OS installer workflows • Secure CI pipelines and entitlement backend systems, ensuring integrity and compliance throughout build and deployment processes • Monitor CVEs, manage vulnerability remediation, and coordinate timely patching and fixes • Implement and maintain secure boot processes • Develop and execute security testing strategies, including regression and final build validation • Ensure security and compliance across all sites (.org, .pro, .dev) and entitlement portals
Job Requirements
- Bachelor degree in Computer Science, Cybersecurity, or related field (or equivalent experience)
- 5+ years of experience in Linux security engineering, preferably with Debian or derivatives
- Strong knowledge of compliance frameworks (FIPS, STIG, CIS) and SDL practices
- Hands-on experience with secure boot, encryption tools, and vulnerability management
- Proficiency in CI/CD security, image generation, and OS installer processes
- Familiarity with CVE tracking, patching baselines, and audit readiness
- Excellent problem-solving and communication skills
- Must reside in Greater Austin, TX area with ability to be present on site
- United States Citizenship required
Benefits
- Hybrid work model for workplace flexibility
- Comprehensive health, dental, and life insurance
- Short and long-term disability coverage
- RRSP matching for financial security
- Flexible time-off policies for work-life balance
- Employee assistance program for mental well-being
- Learning benefits, including a LinkedIn Learning subscription and seminars
Related Guides
Related Categories
Related Job Pages
More Security Engineer Jobs
Senior Engineer, Penetration Test – Cybersecurity
Ensemble Health PartnersEnsemble Health Partners is a hospital and healthcare company that partners with client hospitals to help them develop processes, train teams, reach their finan
• Lead, scope and conduct penetration testing engagements across various technologies • Develop and execute advanced red team exercises to assess real-world attack resilience • Report findings to technical and executive-level audiences • Validate threat models for developed systems • Conduct social engineering activities to assess security posture • Enhance enterprise security policies and documentation
Product Security Engineer
DevRevBridging the gap between Developers (Dev) and End-Users (Rev) across the globe.
• Actively test our SaaS product for security vulnerabilities across web apps, APIs, and cloud infrastructure. • Perform manual security testing and targeted penetration tests (beyond automated scanners). • Implement and help implement automated security test suites. • Identify abuse cases, business logic flaws, and real-world attack paths. • Work directly with engineers to reproduce issues and drive fixes. • Help introduce lightweight security practices into the development process (threat modeling, secure design reviews). • Validate fixes and ensure issues are fully resolved. • Stay current on new vulnerabilities, attack techniques, and SaaS-relevant threats.
Lead Applications Security Engineer
Centene CorporationTransforming the health of the communities we serve, one person at a time.
• Leads cybersecurity and privacy principles to ensure the organization's applications and services are implemented according to internal security standards • Recognizes vulnerabilities in security systems • Oversees and performs threat modeling, security code reviews, security assessments • Engineers and develops cloud automation routines to streamline operations • Promotes understanding and adherence to the SSDLC Policy and Standards • Ensures the implementation and maintenance of application security standards • Executes architectural analysis of the current application security architecture • Leads the audit of application security and operational configurations • Remediates application security incoming alerts/vulnerabilities • Creates application security documents, design standard operating procedures • Automates routine operational tasks related to application security • Implements application security solutions such as authentication, authorization, encryption, logging, and application security testing throughout the secure software development life cycle (SSDLC) • Undertakes initiatives/policies to review and generate recommendations for the application security configuration
• Leidinggeven aan het team bij het monitoren van beveiligingsincidenten • Speel een sleutelrol bij technische analyses • Ontwikkelen van beleid en performance metrics
