ZipRecruiter

Log In

1

Do 326A Jobs (NOW HIRING)

Archer

Enterprise Cloud Security Engineer

San Jose, CA · On-site

Familiarity with DO-326A (Airworthiness Security), ITAR regulations, or safety-critical systems. * Certifications: AWS Certified Security - Specialty, Azure Security Engineer (AZ-500), CKA (Certified ...

Archer

Enterprise Cloud Security Engineer

San Jose, CA · On-site

Familiarity with DO-326A (Airworthiness Security), ITAR regulations, or safety-critical systems. * Certifications: AWS Certified Security - Specialty, Azure Security Engineer (AZ-500), CKA (Certified ...

Archer

Enterprise Cloud Security Engineer

San Jose, CA · On-site

Map cloud security controls to industry frameworks, including NIST SP 800-53, ISO 27001, and aviation-specific standards like DO-326A--Automate evidence collection for audits. • Threat Detection ...

Garmin

Aviation Systems Security Engineer

Olathe, KS · On-site

... RTCA DO-326A, EUROCAE ED-202A, or ASTM F3532 • Experience with avionics certification standards and guidance such as ARP 4754[A] or ARP 4761 • Demonstrated passion for and involvement in the ...

BAE Systems USA

Senior Software Engineer

Endicott, NY · Hybrid

$88K - $149K/yr

DoD Risk Management Framework (RMF), DO-326A Airworthiness Security Process Specification or ISO-21434 Road Vehicle Security. * Experience with MITRE's CVEs, CWEs, CAPEC and ATT&CK. * Experience with ...

next page

Showing results 1-20

All JobsDo 326A Jobs

Do 326A information

What are DO-326A standards?

DO-326A, also known as 'Airworthiness Security Process Specification,' is a standard developed by RTCA that provides guidelines for implementing cybersecurity processes in aviation systems. It outlines a framework for identifying, assessing, and mitigating cybersecurity threats to aircraft and related systems. The standard is crucial for ensuring that electronic systems onboard aircraft are protected from unauthorized access and malicious attacks throughout their lifecycle. Compliance with DO-326A is often required for new aircraft certification, especially as digital connectivity becomes more essential in aviation.

What are the key skills and qualifications needed to thrive as a DO-326A (Aviation Cybersecurity) specialist, and why are they important?

To thrive as a DO-326A specialist, you need in-depth knowledge of aviation systems, cybersecurity principles, and regulatory compliance, often supported by a degree in engineering or computer science and relevant industry experience. Familiarity with security assessment tools, risk management frameworks, and specific aviation cybersecurity standards such as DO-326A, DO-355, and DO-356 is essential. Strong analytical thinking, problem-solving skills, and effective communication set individuals apart in this role. These skills and qualifications are crucial to ensure the safety, reliability, and regulatory compliance of aviation systems against evolving cyber threats.

What are the most common challenges faced by professionals in the Do 326A role, and how can they be addressed?

Professionals working in the Do 326A role, which involves compliance with aviation safety standards, often face the challenge of ensuring strict adherence to complex certification requirements and maintaining thorough documentation. Balancing technical development with regulatory obligations can be demanding, especially when collaborating with cross-functional teams such as engineering and quality assurance. Overcoming these challenges typically involves staying up-to-date with evolving standards, effective communication, and developing strong organizational skills to track compliance activities. Leveraging internal training resources and mentorship from experienced colleagues can also significantly ease the transition and help maintain compliance.

What is the difference between Do 326A vs Do 326B?

AspectDo 326ADo 326B
Required CertificationsTypically requires specific electrical or technical certificationsSimilar certification requirements, often overlapping
Work EnvironmentPrimarily fieldwork in industrial or construction sitesFieldwork with additional focus on maintenance tasks
Industry UsageCommonly used in construction, manufacturing, and industrial sectorsUsed in similar industries, often as a related or supporting role

Do 326A and Do 326B are roles with overlapping certifications and work environments, mainly in industrial and construction settings. While Do 326A may focus more on installation tasks, Do 326B often emphasizes maintenance. Both roles are essential in their industries and frequently searched together by professionals seeking similar qualifications and job functions.

Enterprise Cloud Security Engineer

Enterprise Cloud Security Engineer

Archer

San Jose, CA • On-site

Other

Posted 18 days ago

Job description

We are looking for a top-tier Enterprise Cloud Security Engineer to design and secure the cloud infrastructure supporting the next phase of sustainable air mobility. You are a collaborative, hands-on professional with excellent communication skills and the ability to see the big picture. In this role, you will be responsible for securing our cloud-native environments (AWS/Azure) and ensuring that our telemetry, flight operations, and enterprise systems are protected against advanced persistent threats. You will connect DevOps and Security by incorporating "secure-by-design" principles into our Infrastructure as Code (IaC) and CI/CD pipelines, while ensuring compliance with aviation and federal standards (NIST CSF, 800-53, FedRAMP, DO-326A).

Key Responsibilities

  • Cloud Architecture & Hardening: Design, implement, and maintain secure cloud architectures across AWS and Azure. Enforce zero-trust principles and least-privilege access using advanced IAM policies and roles.
  • Infrastructure as Code (IaC) Security: Lead the security review and automated scanning of IaC templates (Terraform, CloudFormation, Helm). Prevent misconfigurations before they reach production.
  • DevSecOps & Automation: Integrate security tooling (CSPM, CWPP, Secret Scanning) directly into CI/CD pipelines (Jenkins, GitLab, GitHub Actions) to enable rapid, secure deployment.
  • Kubernetes & Container Security: Secure containerized workloads and orchestration platforms (EKS/AKS), ensuring runtime protection, image scanning, and network segmentation.
  • Compliance & Governance: Map cloud security controls to industry frameworks, including NIST SP 800-53, ISO 27001, and aviation-specific standards like DO-326A-Automate evidence collection for audits.
  • Threat Detection & Incident Response: Build high-fidelity detection rules for cloud threats using SIEM/SOAR platforms. Lead investigations into cloud security incidents and perform forensics on ephemeral workloads.
  • Telemetry & Data Protection: safeguard critical flight telemetry and sensitive data pipelines through robust encryption, key management (KMS/HSM), and data loss prevention (DLP) strategies.

Required Qualifications

  • Experience: 5+ years of experience in Cloud Security, DevSecOps, or Infrastructure Engineering, with at least 3 years focused on public cloud (AWS, Azure, and GCP).
  • Technical Mastery: Deep hands-on expertise with Terraform, Kubernetes, and Linux environments.
  • Coding/Scripting: Proficiency in Python, Go, or Bash for automating security tasks and building custom tooling.
  • Security Tooling: Experience implementing and tuning CSPM/CNAPP tools (e.g., Wiz, Prisma Cloud, Orca, Sysdig) and SIEM platforms (Tenex, Splunk, Datadog Security).
  • Frameworks: Working knowledge of NIST CSF, NIST 800-53, or FedRAMP requirements.

Preferred Qualifications

  • Aerospace/Defense Experience: Familiarity with DO-326A (Airworthiness Security), ITAR regulations, or safety-critical systems.
  • Certifications: AWS Certified Security - Specialty, Azure Security Engineer (AZ-500), CKA (Certified Kubernetes Administrator), and CISSP, CISM.
  • Architecture: Experience designing "Zero Trust" networks and implementing Service Mesh (e.g., Istio, Linkerd) security.
  • Offensive Security: Experience conducting cloud penetration tests or "Purple Team" exercises to validate defenses.

Please note that this job description is intended to provide a general overview of the position and does not include an exhaustive list of responsibilities and qualifications

At Archer we aim to attract, retain, and motivate talent that possess the skills and leadership necessary to grow our business. We drive a pay-for-performance culture and reward performance that supports the Company's business strategy. For this position we are targeting a base pay between 133,400 - 185,000. Actual compensation offered will be determined by factors such as job-related knowledge, skills, and experience.

Archer is proud to be an Equal Opportunity employer committed to diversity and inclusivity in the workplace. All aspects of employment are decided on the basis of merit, qualifications, and business needs. We do not discriminate based upon race, color, religion, sex, sexual orientation, age, national origin, disability status, protected veteran status, gender identity or any other characteristic protected by federal, state or local laws.Archer is committed to working with and providing reasonable accommodations to job applicants with physical or mental disabilities, and those with sincerely held religious beliefs. Applicants who may require reasonable accommodation for any part of the application or hiring process should provide their name and contact information to Archer's People Team at people@archer.com. Reasonable accommodations will be determined on a case-by-case basis.

Apply