Product Security Engineer (Associate or Mid-Level)

Product Security Engineer (Associate or Mid-Level)

Company:

The Boeing Company

At Boeing, we innovate and collaborate to make the world a better place. We’re committed to fostering an environment for every teammate that’s welcoming, respectful and inclusive, with great opportunity for professional growth. Find your future with us.

The Software Security Capability is looking for Product Security Engineers to drive secure software solutions into a complex hybrid-cloud engineering environment within the Air Dominance portfolio in Berkeley, MO or Hazelwood, MO. Our teams are currently hiring for a broad range of experience levels including Associate and Mid-Level Product Security Engineers.

Are you ready to take your career to new heights? The Software Security Capability, which is aligned to the enterprise Product Security Engineering (PSE) operating group, supports both programs across the Saint Louis Portfolio and is seeking a passionate and experienced software security Engineer to support our cutting-edge Air Dominance programs. This is your chance to impact the next generation of engineering environments at Boeing which will build from our already impressive portfolio of iconic platforms like the F-15 Eagle, F/A-18 Super Hornet, EA-18 Growler, MQ-25 Stingray, and T-7A Redhawk, and contribute to the future of national defense.

Why Join Us?

• Impactful Work: Be part of a team that plays a crucial role in ensuring the safety and security of our nation. Your work will directly contribute to the development of advanced military capabilities.

• Innovative Environment: As a member of our enterprise team, you will collaborate with strong and diverse team of security architects representing major platforms across all Boeing business units and divisions. Our talented group of security professionals support the entire breadth of Boeing platforms and services, allowing your success to push the boundaries of technology and engineering excellence at an enterprise scale.

• Career Growth: We are committed to your professional development. Benefit from mentorship opportunities, tuition assistance program, and a culture that encourages continuous learning and innovation.

Position Responsibilities:

• Lead and Innovate: Incorporate key security concepts through the initial planning, design, and implementation of complex engineering environments spanning multiple sites, incorporating engineering labs, on-premise compute, and secure multi-cloud solutions.

• Customer Focus: Collaborate closely with program customers to support the definition of security requirements, enable seamless systems integration, and ensure systems verification.

• Multi-Discipline: Engage with multiple engineering disciplines, including cloud computing, software engineering – (Artificial Intelligence/Machine Learning (AI/ML), Infrastructure as Code (IaC), DevSecOps), Systems Engineering , Data Science, and Boeing Enterprise Security.

• Shift Security Left: Treat security as a primary concern and engage from the early phases of design to ensure our environment is Secure by Design.

• Secure Software Factories: Build up a strong set of security tools into the DevSecOps pipeline, enabling Cybersecurity Supply Chain Risk Management (C-SCRM), Secure Coding Practices, Software Assurance, and Security Policy Enforcement.

• Standards and Processes: Assist in establishing, integrating standards and processes for product security engineering in support of Digital Infrastructure, and meet applicable program/certification requirements.

• Risk Management: Utilize Risk Engineering digital thread to inform product requirements surrounding cyber survivability against specified cyber threats – by performing criticality, adversity, threat analysis for avionics systems.

• Subject Matter Expert: Provide security expertise to Air Dominance program management and engineering teams through technical design reviews, program gate reviews, and other independent reviews as needed by the engineering function.

Basic Qualifications (Required Skills/Experience):

• Bachelor of Science degree from an accredited course of study in engineering, engineering technology (includes manufacturing engineering technology), chemistry, physics, mathematics, data science, or computer science

• Demonstrated ability to execute in complex digital engineering constructs, including Software Development environments (DevSecOps Pipelines), Engineering Development, Simulation and Test Labs, and Model-Based Systems Engineering (MBSE) environments with a focus on secure integration across development, test, and operational systems

• Experience with DoD Security standards such as  Joint Special Access Program Implementation Plan (JSIG), NIST SP 800-53, NIST SP 800-171, CNSSI 1253, and associated RMF processes

• Familiarity with the Secure Software Development Lifecycle (SDLC), including dependency management, analysis tools, security/test environments, and artifact signing

Preferred Qualifications (Desired Skills/Experience):

• Mid-Level: 3+ years related work experience or an equivalent combination of education and experience

• Have or have held an active U.S. Security Clearance in the past 24 months

• Experience developing or integrating ground or platform architectures

• Experience overseeing the design, development, and testing of engineering solutions, ensuring compliance with industry standards and regulations

• Experience managing or contributing to the Authorization to Operate (ATO) lifecycle, including development of security plans, POA&Ms, and test procedures

• Experience designing, securing, and accrediting cloud-based systems in accordance with DoD or IC security requirements, including implementation of security controls in environments such as AWS GovCloud, AWS Secret Region, or Azure Government

• Experience coordinating and presenting technical content to a diverse audience, as well as preparing technical documentation

• Experience securing commercial cloud environments using practices such as Zero Trust, Access-Based Access Controls (ABAC), Policy as Code and Policy Enforcement Agents, Security Monitoring, Data Forensics and Incident Response.

• Experience developing multi-layer security architectures (encryption, cross domain guards)

• Experience providing work instructions that support the design and documentation of system architectures to ensure accuracy, completeness, and compliance with customer specifications

• Experience in product cyber security for avionics systems and component level development

• Experience performing adversity (threat) analysis, security risk assessments, and maturing the analysis throughout the development lifecycle – to inform requirements, and design

• Experience generating product cyber security artifacts for customer/certifiers

• Security certification is desired (e.g. CISSP); Please state/include on resume

This position is expected to be 100% onsite. The selected candidate will be required to work onsite at one of the listed location options.

Drug Free Workplace:

Boeing is a Drug Free Workplace (DFW) where post offer applicants and employees are subject to testing for marijuana, cocaine, opioids, amphetamines, PCP, and alcohol when criteria is met as outlined in our policies.

Pay & Benefits:

At Boeing, we strive to deliver a Total Rewards package that will attract, engage and retain the top talent. Elements of the Total Rewards package include competitive base pay and variable compensation opportunities.

The Boeing Company also provides eligible employees with an opportunity to enroll in a variety of benefit programs, generally including health insurance, flexible spending accounts, health savings accounts, retirement savings plans, life and disability insurance programs, and a number of programs that provide for both paid and unpaid time away from work.

The specific programs and options available to any given employee may vary depending on eligibility factors such as geographic location, date of hire, and the applicability of collective bargaining agreements.

Pay is based upon candidate experience and qualifications, as well as market and business considerations.

Summary Pay Range (Associate level): $91,800 - $124,200

Summary Pay Range (Mid-Level): $112,200 - $151,800

Language Requirements:

Not Applicable

Education:

Bachelor's Degree or Equivalent

Relocation:

This position offers relocation based on candidate eligibility.

Export Control Requirement:

This position must meet export control compliance requirements. To meet export control compliance requirements, a “U.S. Person” as defined by 22 C.F.R. §120.15 is required. “U.S. Person” includes U.S. Citizen, lawful permanent resident, refugee, or asylee.

Safety Sensitive:

This is not a Safety Sensitive Position.

Security Clearance:

This position requires the ability to obtain a U.S. Security Clearance for which the U.S. Government requires U.S. Citizenship. An interim and/or final U.S. Secret Clearance Post-Start is required. This position requires ability to obtain program access, for which the U.S. Government requires U.S. Citizenship only.

Visa Sponsorship:

Employer will not sponsor applicants for employment visa status.

Contingent Upon Award Program

This position is not contingent upon program award

Shift:

Shift 1 (United States of America)

Stay safe from recruitment fraud! The only way to apply for a position at Boeing is via our Careers website. Learn how to protect yourself from recruitment fraud - Recruitment Fraud Warning

Boeing is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national origin, gender, sexual orientation, gender identity, age, physical or mental disability, genetic factors, military/veteran status or other characteristics protected by law.

EEO is the law

Boeing EEO Policy

Request an Accommodation

Applicant Privacy

Boeing Participates in E – Verify

• E-Verify (English)
• E-Verify (Spanish)

Right to Work Statement

• Right to Work (English)
• Right to Work (Spanish)