CMC Electronics has earned an international reputation for innovation and excellence in the design, manufacturing and support of electronic products for the aviation markets. CMC is focused on delivering innovative cockpit and avionics system integration solutions to commercial and military customers worldwide.

Its principal facilities are located in Montreal, Quebec; Ottawa, Ontario; Chicago, Illinois and our newest site in Reston, Virginia. CMC is a major supplier to the aerospace and high-technology industries, airlines, military agencies and government customers worldwide.

As we build a new team in Reston, VA, we're looking for engineers and technologists ready to be pioneers in the application of emerging tools and techniques, maintaining the highest reliability demanded by aerospace while bringing forth new products and capabilities at a brisk pace.

This is an onsite position in our Reston, VA office location. To conform to U.S. export control regulations, applicant should be eligible for any required authorization from the U.S. Government.

Why join our team?

CMC is establishing formal product-level cybersecurity, aligned with industry-leading standards like RTCA DO-326A/DO-356A and NIST. You will define the cybersecurity product strategy across our portfolio of cutting-edge navigation systems and mission computers, supporting CMC’s largest customers in defense.

This is an opportunity to build something foundational from the ground up, influencing how cybersecurity is embedded into the core of every product we deliver. If you’re looking to make a real impact in a high-integrity, high-stakes environment, CMC is where your vision and expertise will shape the future.

As a Lead Avionics Cybersecurity Engineer your key responsibilities include:

• Developing the Cybersecurity Roadmap for our Products: Define and implement a comprehensive product-level cybersecurity strategy aligned with RTCA DO-326A/DO-356A airworthiness standards. This includes selecting tools, defining processes, and establishing frameworks to support secure product development.
• Leading Risk and Vulnerability Assessments: Perform in-depth risk analyses and vulnerability assessments to proactively identify and mitigate security threats across our software platforms.
• Establishing Cybersecurity Governance: Create and maintain cybersecurity policies, processes, and procedures that ensure our products are compliant with aviation cybersecurity regulations (RTCA DO-326A/DO-356A) and NIST frameworks, while aligning with industry best practices.
• Securing the Software Development Lifecycle (SDLC): Drive compliance with cybersecurity requirements across all stages of software development — from design and coding to testing and documentation. Design secure architectures, perform secure code reviews, and utilize both static and dynamic analysis tools to uncover and remediate vulnerabilities. Lead verification and validation activities with a security-first mindset.
• Maintaining Technical Expertise: Stay current on regulatory updates, evolving standards, emerging threats, and state-of-the-art tools and countermeasures to ensure CMC products remain ahead of the curve in cybersecurity resilience.
• Building Cybersecurity Awareness: Design and deliver targeted cybersecurity training and awareness programs for engineering teams to foster a culture of secure development and risk-aware thinking.
• Engaging with Customers and Certification Authorities: Act as the primary cybersecurity liaison with defense customers and government certification bodies. Understand their security requirements, propose standardized and reusable solutions, and confidently challenge assumptions when needed—backing your recommendations with sound technical reasoning and a clear understanding of aircraft-level impact

How to excel in this role (job requirements):

• Bachelor’s degree or higher in Computer or Software Engineering, plus a recognized cybersecurity certification (e.g., CISSP, CEH) from an accredited institution
• Minimum 5+ years of hands-on experience in product-level cybersecurity design and implementation, preferably in aerospace or other regulated industries such as automotive, medical devices, or fintech. Experience with RTCA DO-326A/DO-356A is highly desirable.
• Experience in the Aerospace industry with focus on embedded avionics products and knowledge of systems and software engineering principles
• Expertise in secure software development, secure coding principles, and common software vulnerabilities, with knowledge of existing market products
• Solid understanding of cybersecurity frameworks and standards (e.g., CMMC 2.0, NIST CSF, ISO 27001, PCI DSS)
• Experience with security testing tools and techniques, including SAST, DAST, fuzz testing, and penetration testing.

What we offer:

• Fast paced environment with significant autonomy
• ¨Start up¨ work environment in a well-established organization
• 401K Match Program
• BCBS Medical, HSA with Company contribution, Dental, Vision, Life and Disability Insurance
• Generous PTO Plan

Equal Employment Opportunity

CMC Electronics is an Equal Opportunity and Affirmative Action Employer. CMC Electronics is committed to ensuring equal employment opportunities for all job applicants and employees. Employment decisions are based upon job related reasons regardless of race, ethnicity, color, religion, sex, sexual orientation, age, national origin, disability, gender identity, genetic information, veteran status, or any other status protected by law ("Minority/Female/Disability/Veteran/VEVRAA Federal Contractor”).