Cyber Risk Manager Jobs in Alabama (NOW HIRING)

Worker Type
Regular
Job Description
Summary
AV delivers battlefield-proven systems and next-generation capabilities across all domains of modern defense. The Senior Cyber Engineer ensures those systems, and the environments they operate in, are secure, resilient, and supportable across their full lifecycle.
This role is focused on securing the application and infrastructure layers of AV systems. It works directly with engineering and infrastructure teams to ensure cybersecurity is implemented in a way that supports how AV designs, builds, deploys, and sustains products across multiple sites and programs.
Rather than functioning as a compliance or monitoring role, this position is hands-on, ensuring systems are secure in practice, not just compliant on paper and that cybersecurity is consistently applied across development, deployment, and sustainment. You will be the enterprise authority for cybersecurity at the application and infrastructure layers, governing how AV designs, implements, and sustains secure digital platforms across sites and programs.
Preferred Location(s)
Huntsville, AL; Dayton, OH; Melbourne, FL; Albuquerque, NM (flexible)
Role Overview
The Senior Cyber Engineer operates at the intersection of software, infrastructure, and system engineering, supporting secure design and implementation across AV's product and enterprise environments.
This includes working with engineering teams to identify and correct vulnerabilities early in the design process, guiding secure implementation of software and infrastructure, and ensuring systems are properly hardened, monitored, and supportable in real-world operational environments.
The role applies fit-for-purpose cybersecurity approaches, recognizing that different systems-whether disposable or serviceable, sensitive or non-sensitive-require different levels of protection, persistence, and data handling.
This is a hands-on engineering role where the individual is expected to actively participate in implementation, remediation, and system-level problem solving-not solely provide guidance.
Position Responsibilities

• Support cyber secure design and implementation across application and infrastructure layers, including software architectures, APIs, data handling, operating systems, networks, cloud, and container environments.
• Participate in architecture and design reviews (SRR/PDR/CDR) to identify vulnerabilities and implementation risks early, providing practical, implementable solutions that enable progress rather than delay it.
• Lead and support system hardening efforts using established standards (e.g., STIGs, CIS benchmarks) and define repeatable approaches to vulnerability scanning and remediation using tools such as ACAS and Nessus.
• Lead or directly support remediation of cybersecurity vulnerabilities, including patching systems, validating fixes, and ensuring issues are resolved without introducing new operational risk.
• Ensure systems are properly instrumented for logging, monitoring, and auditability, and that security-relevant data is available and usable across development, test, and operational environments. Support integration with SIEM platforms such as Splunk or Elastic.
• Support RMF/NIST-based accreditation efforts by translating control requirements into concrete design and implementation guidance, ensuring systems meet required controls without introducing unnecessary process friction.
• Serve as a practical integration point between engineering, IT infrastructure, and cybersecurity functions, helping align system designs with enterprise security expectations while maintaining program execution.
• Investigate cybersecurity issues across development, integration, and fielded systems, working with teams to implement corrective actions and improve system resilience over time.
• Support integration of cybersecurity practices into broader system and data environments, including alignment with PLM/ERP systems (e.g., Arena, Oracle Fusion) where applicable, and ensuring configurations and baselines are traceable and controlled.
• Act as a cross-functional advisor, influencing engineering and program teams through risk-based reasoning and practical tradeoffs between mission, performance, cost, and security.

Enterprise Cybersecurity Governance

• Define and maintain security baselines and patterns for software, infrastructure, and data flows.
• Establish and improve cybersecurity processes integrated into engineering workflows, design reviews, and configuration & release.

Basic Qualifications (Required Skills & Experience)

• Bachelor's degree in Cybersecurity, Computer Science, Engineering, or related field
• 7+ years of experience across application security, infrastructure/network security, or systems security
• Hands-on experience with system hardening, vulnerability management, and secure system implementation in operational environments
• Experience working directly with engineering teams in identifying, patching, and/or fixing cybersecurity vulnerabilities during all phases of development
• Involvement with RMF / NIST frameworks and their practical use at the application and infrastructure levels
• Experience supporting or leading cybersecurity compliance efforts aligned to CMMC Level 2 (or equivalent NIST 800-171 implementations), in a medium to large sized environment with comparably complex products.
• Strong cross-domain understanding of software, infrastructure, networking, and system interactions with a proven ability to Influence design and implementation decisions

Other Qualifications & Desired Competencies

• Experience in aerospace, defense, or other high-reliability environments
• Familiarity with SIEM tools (Splunk, Elastic), vulnerability tools (ACAS, Nessus), and standard hardening practices (STIGs, CIS)
• Experience with cloud platforms (AWS, Azure) and containerized environments (Docker, Kubernetes)
• DevSecOps experience, including CI/CD integration and automation (Python, PowerShell, Bash)
• Experience supporting production or high-rate environments where cybersecurity must scale
• Relevant certifications (e.g., Security+, CISSP, CASP)
• Active or eligible security clearance (preferred, not required)
• "Demonstrated ability to institutionalize security engineering practices or standards across multiple programs or sites."

Position Character
This is a hands-on engineering role, not a SOC-only or compliance-only position. The Senior Cyber Engineer works directly with engineering teams to ensure systems are secure in implementation, not just in documentation.
This role operates as an enterprise authority, focusing on how cybersecurity is implemented across programs and sites rather than owning a single program. It bridges application, infrastructure, and system-level security, helping AV deliver systems that are not only compliant, but operationally secure, supportable, and resilient in the field.
Physical Demands

• Ability to work in an office environment (Constant)
• Required to sit and stand for long periods; talk, hear, and use hands and fingers to operate a computer and telephone keyboard (Frequent)

Clearance Level
No Clearance
The salary range for this role is:
$91,000 - $129,150
AeroVironment considers several factors when extending an offer, including but not limited to, the location, the role and associated responsibilities, a candidate's work experience, education/training, and key skills.
ITAR Requirement:
This position requires access to information that is subject to compliance with the International Traffic Arms Regulations ("ITAR") and/or the Export Administration Regulations ("EAR"). In order to comply with the requirements of the ITAR and/or the EAR, applicants must qualify as a U.S. person under the ITAR and the EAR, or a person to be approved for an export license by the governing agency whose technology comes under its jurisdiction. Please understand that any job offer that requires approval of an export license will be conditional on AeroVironment's determination that it will be able to obtain an export license in a time frame consistent with AeroVironment's business requirements. A "U.S. person" according to the ITAR definition is a U.S. citizen, U.S. lawful permanent resident (green card holder), or protected individual such as a refugee or asylee. See 22 CFR § 120.15. Some positions will require current U.S. Citizenship due to contract requirements.
Benefits: AV offers an excellent benefits package including medical, dental vision, 401K with company matching, a 9/80 work schedule and a paid holiday shutdown. For more information about our company benefit offerings please visit: http://www.avinc.com/myavbenefits.
We also encourage you to review our company website at http://www.avinc.com to learn more about us.
Principals only need apply. NO agencies please.
About AV:
AV isn't for everyone. We hire the curious, the relentless, the mission-obsessed. The best of the best.
We don't just build defense technology-we redefine what's possible. As the premier autonomous systems company in the U.S., AV delivers breakthrough capabilities across air, land, sea, space, and cyber. From AI-powered drones and loitering munitions to integrated autonomy and space resilience, our technologies shape the future of warfare and protect those who serve.
Founded by legendary innovator Dr. Paul MacCready, AV has spent over 50 years pushing the boundaries of what unmanned systems can do. Our heritage includes seven platforms in the Smithsonian-but we're not building history, we're building what's next.
If you're ready to build technology that matters-with speed, scale, and purpose-there's no better place to do it than AV.
We are proud to be an EEO/AA Equal Opportunity Employer, including disability/veterans. AeroVironment, Inc. is an Equal Employment Opportunity (EEO) employer and welcomes all qualified applicants. Qualified applicants will receive fair and impartial consideration without regard to race, sex, color, religion, national origin, age, disability, protected veteran status, genetic data, sexual orientation, gender identity or other legally protected status.
ITAR
U.S. Citizenship required. Must be willing to work on government contracts and have the ability to obtain a security clearance.