Mid-level Product Security Engineer

at  Boeing

At Boeing, we innovate and collaborate to make the world a better place. From the seabed to outer space, you can contribute to work that matters with a company where diversity, equity and inclusion are shared values. We’re committed to fostering an environment for every teammate that’s welcoming, respectful and inclusive, with great opportunity for professional growth. Find your future with us.
The Air Dominance (AD) Product Security Engineering Capability is seeking mid-level Product Security Engineers (Level 3) to perform Product Security Engineering activities on the F-22 program in Berkeley, MO. Product Security is a new capability within Boeing, it focuses on the security of the products and systems that Boeing develops for customers, ensuring that it can complete its mission as specified by security requirements and design. While PSE can be referenced as cybersecurity, it is not the traditional IT cybersecurity role, but a technical engineering role that requires a problem-solving mindset and understanding of complex systems.
Candidates can expect to be challenged, learn about security considerations, and develop themselves as engineers and professionals. This is not a role for IT professionals that have interest in networks, cloud services, or servers. This is an exciting opportunity to join in at the ground floor of the new Product Security Engineering function at Boeing and to help shape the future in this emerging technical field. Being part of Product Security Engineering offers team members great opportunities for career growth and to develop the skills necessary to secure our products. You will have access to Product Security engineers across the Boeing enterprise to accelerate you along the learning curve. Further development opportunities include a week-long introductory Product Security course, Lunch and Learns, Internal Research and Development (IRAD) participation, social events, and more.
Successful candidates will have diverse interests and experience to help apply different lenses on our product architectures to ensure the integrity and security of our Boeing products. It is also required that the candidate has software knowledge, this role interfaces with software code and a successful candidate needs to be able to interpret and understand software code. While a candidate with a cybersecurity engineering background is ideal, it is not required to be considered for this position, security knowledge can be developed over time. Candidate must show the willingness or eagerness to learn about product security in addition to the ability to think technically and problem solve.
We are looking for strong “systems of systems” thinkers and natural integrators/testers. We are seeking engineers with robust educational and/or experiential backgrounds in fields including – but not limited to – Electrical Engineering, Software Engineering, Systems Engineering, Avionics, Mission Systems, and/or Cybersecurity. Candidates who aspire to learn in-demand engineering skills in a rapidly growing field are encouraged to apply.

PREFERRED QUALIFICATIONS: (DESIRED SKILLS/EXPERIENCE):

• Experience in requirements analysis
• Experience with military aircraft systems
• Experience with Systems Security or Product Security Engineering
• Cybersecurity IAT/IAM Level 1 Certificate or higher IAT/IAM level: IAT Level 1 – A+, Network+, SSCP, IAM Level 2 – CAP, GISF, GSLC, Security+
• Cybersecurity or Engineering related degree (i.e. software, computer, network, or systems engineering degree)
• Risk Management Framework process along with both the NIST and DOD standards for RM

• Supports the development, implementation, and sustainment of product security and resiliency throughout the requirements, design, build, test, production, operations, and support lifecycle.
• Supports the development and enhancement of system requirements and architectures for product security to meet all applicable certification and customer requirements.
• Supports the definition and identification of product security requirements for suppliers of components and subsystems for integration into Boeing products and services.
• Coordinates with governments, customers, suppliers, and industry at a low level to identify risks and improve industry and regulatory security standards and requirements for programs and interfacing systems.
• Supports research and development activities resulting in innovative solutions.
• Supports the advisement of customers on maintaining product security and certification, including security consequences of modifying products and services.
• Perform cyber and systems security engineering of products and non-IT networks, perform threat and risk assessment as part of a cyber-maturation process that establishes threat surfaces and mitigations to maximize resiliency and minimize vulnerability.
• Supports the establishment of testing and evaluation plans, including cyber test activities & cyber tabletop evaluations.
• Perform assessment of software assurance activities and products, to ensure the security pedigree of our software solutions.
• Identifies assets and assesses risks, threats, and vulnerabilities of the product in accordance with accepted industry, professional, and government standards to ensure secure design while enabling integrity, availability, confidentiality, and non-repudiation of system functions and data, and contract compliance.
• Implements appropriate security controls and requirements per JSIG, DoD and ICD 503 RMF, NISPOM, or DoD Overprint to the NISPOM as required by customers.
• Travel (up to 10%) will be required for meetings with customers, internal meetings, etc.
• Works under minimal direction
• Occasional domestic travel may be required.
• The role on the team may require obtaining certifications such as Security+ or CISSP to comply with contract requirements.