Mid-Level Product Security Engineer

Mid-Level Product Security Engineer

Company:

The Boeing Company

Boeing Global Services (BGS) is looking for Mid-Level Product Security Engineer to join our Government Training Systems team in Berkeley, Missouri. The selected candidate will execute on our vision and share our passion for protecting our government training systems, aircraft support equipment, and associated products.  Join our team to provide technical support for product cyber security and resiliency engineering through requirements, design, analysis, build, test, production, operations, support and sustainment.

This PSE team’s portfolio spans exciting programs such as P-8A Poseidon, F/A-18 Super Hornets/Growlers, F-15 Eagle, MQ-25 Stingray, T-7A Red Hawk, F-22 Raptor and V-22 Osprey.  The candidate must be able to consistently, pro-actively recognize and work through a wide range of challenges and bring to resolution. This position involves implementing appropriate security controls and requirements per JSIG, DoD RMF, NISPOM, or other related governing security policies and governances as required by customers.

Position Responsibilities: 

• Supports development, implementation, sustainment of product security and resiliency throughout the requirements, design, build, test, production, operations & support lifecycle.
• Supports development and enhancement of system requirements, along with architectures for product security to meet all applicable certification & customer requirements.
• Supports definition/identification of product security requirements for suppliers of components and subsystems for integration into Boeing products/services.
• Coordinates with key stakeholders (customers (internal/external), suppliers, and industry) at a low level to identify risks.
• Provide insight & recommendations on improving industry/regulatory security standards.
• Supports innovative research and development activities.
• Advise customers on maintaining product security and certification, including security consequences of modifying products and services.
• Ability to build and assess network and software systems architectures.
• Implements, and sustains product security and resiliency throughout the requirements, design, build, test, production, operations, and support lifecycle.
• Completes test setups to system requirements and architectures for product security to meet all applicable certification and customer requirements.
• Configures and ensures security of facilities, equipment, tools, data, networks, and resources used for product: design, development, build, test, storage, delivery, operations, and support.
• Perform cyber/systems security engineering of embedded avionics products, perform threat/risk assessment that establishes threat surfaces and mitigations to maximize resiliency while minimizing vulnerability.
• Supports the establishment of testing and evaluation plans, including cyber test activities & cyber tabletop evaluations.
• Perform assessment of software assurance activities and products, to ensure the security pedigree of software solutions.
• Identifies assets and assesses risks, threats, and vulnerabilities of the product in accordance with accepted industry, professional, and government standards.
• Ensures safe/secure designs while enabling integrity, availability, confidentiality, and non-repudiation of system functions/data, and contract compliance.
• Implements appropriate security controls and requirements per JSIG, DoD RMF Frameworks, NISPOM, or related governing security policies as required by customers.
• Works under minimal direction.

This position is expected to be 100% onsite. The selected candidate will be required to work onsite in Berkeley, MO.

Basic Qualifications (Required Skills/Experience):             

• Bachelor of Science degree from an accredited course of study in engineering, engineering technology (includes manufacturing engineering technology), chemistry, physics, mathematics, data science, or computer science.
• DoD 8570 Level II Certification (e.g. CompTIA Security+, CompTIA CySA+, etc.)
• 5+ years’ experience in development of cybersecurity philosophies, patterns, requirements, secure architectures, and designs.
• 5+ years’ experience in coordinating and presenting technical content to an audience, as well as preparing technical documentation.
• Knowledge of cyber security incident response protocols (identification, impact assessment, containment, remediation, evidence handling, technical reporting, etc.) and safeguarding information.
• Experience and/or knowledge in product security or cybersecurity concepts

Preferred Qualifications (Desired Skills/Experience):

• 8+ years’ experience in development of cybersecurity philosophies, patterns, requirements, secure architectures, and designs.
• Experience scanning for vulnerabilities, implement mitigations, install, administer, and troubleshoot on the following operating systems:
• Microsoft Windows XP, Microsoft Windows 7, Microsoft Windows 10,
• Linux Distributions
• Oracle Solaris (UNIX)
• Experience in product cyber security for avionics systems and component level development
• Experience performing adversity (threat) analysis, security risk assessments, and maturing the analysis throughout the development lifecycle – to inform requirements, and design.
• Experience generating product cyber security artifacts for customer/certifiers.
• Security certification is desired (e.g. CISSP)
• Experience in requirements analysis
• Experience with military aircraft systems
• Experience with Systems Security or Product Security Engineering
• Cybersecurity IAT/IAM Level 1 Certificate or higher IAT/IAM level: IAT Level 1 – A+, Network+, SSCP, IAM Level 2 – CAP, GISF, GSLC, Security+
• Cybersecurity or engineering related degree (i.e. software, computer, network, or systems engineering degree)
• Risk Management Framework process along with both the NIST and DOD standards for RMF
• 2+ years of software experience: knowledge of higher order language programming languages (C/C++, Ada etc.), understanding of software life cycle, ability to read and understand code, and some understanding of secure code practices.

Drug Free Workplace:
Boeing is a Drug Free Workplace where post offer applicants and employees are subject to testing for marijuana, cocaine, opioids, amphetamines, PCP, and alcohol when criteria are met as outlined in our policies.

At Boeing, we strive to deliver a Total Rewards package that will attract, engage and retain the top talent.  Elements of the Total Rewards package include competitive base pay and variable compensation opportunities.  

The Boeing Company also provides eligible employees with an opportunity to enroll in a variety of benefit programs, generally including health insurance, flexible spending accounts, health savings accounts, retirement savings plans, life and disability insurance programs, and a number of programs that provide for both paid and unpaid time away from work.  

The specific programs and options available to any given employee may vary depending on eligibility factors such as geographic location, date of hire, and the applicability of collective bargaining agreements.

Pay is based upon candidate experience and qualifications, as well as market and business considerations.  

Summary Pay Range: $112,200 - $151,800

Language Requirements:

Not Applicable

Education:

Bachelor's Degree or Equivalent

Relocation:

This position offers relocation based on candidate eligibility.

Export Control Requirement:

This position must meet export control compliance requirements. To meet export control compliance requirements, a “U.S. Person” as defined by 22 C.F.R. §120.15 is required. “U.S. Person” includes U.S. Citizen, lawful permanent resident, refugee, or asylee.

Safety Sensitive:

This is a safety-sensitive position and is subject to random drug testing.

Security Clearance:

This position requires an active U.S. Secret Security Clearance (U.S. Citizenship Required). (A U.S. Security Clearance that has been active in the past 24 months is considered active)

Visa Sponsorship:

Employer will not sponsor applicants for employment visa status.

Contingent Upon Award Program

This position is not contingent upon program award

Shift:

Shift 1 (United States of America)

Stay safe from recruitment fraud! The only way to apply for a position at Boeing is via our Careers website. Learn how to protect yourself from recruitment fraud - Recruitment Fraud Warning

Boeing is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national origin, gender, sexual orientation, gender identity, age, physical or mental disability, genetic factors, military/veteran status or other characteristics protected by law.

EEO is the law

Boeing EEO Policy

Request an Accommodation

Applicant Privacy

Boeing Participates in E – Verify

• E-Verify (English)
• E-Verify (Spanish)

Right to Work Statement

• Right to Work (English)
• Right to Work (Spanish)