Travis AFB, California
Job ID JR2025460025 Category Engineering - Product Security Role Type Onsite Post Date Aug. 06, 2025

JOB DESCRIPTION

At Boeing, we innovate and collaborate to make the world a better place. We’re committed to fostering an environment for every teammate that’s welcoming, respectful and inclusive, with great opportunity for professional growth. Find your future with us.
Boeing Global Services (BGS) is looking for a Mid-Level Product Security Engineer (PSE) to join our Government Training Systems team at Travis AFB, CA. The selected candidate will execute on our vision and share our passion for protecting our government training systems, aircraft support equipment, and associated products. Join our team to provide technical support for product cyber security and resiliency engineering through requirements, design, analysis, build, test, production, operations, support and sustainment.
This PSE team’s portfolio spans exciting programs such as KC-46. The candidate will rely on Cybersecurity and Information Assurance (IA) background to be a technical leader and support the Maintenance Training System (MTS) network and Boeing customers. In this role, the candidate will align product engineering support with information system security tasking’s to support the KC-46 Maintenance Training System (MTS). This position includes guidance for the design and implementation of appropriate security controls and requirements per JSIG, DoD RMF, NISPOM, or other related governing security policies and governances as required by customers.

BASIC QUALIFICATIONS (REQUIRED SKILLS/EXPERIENCE):

Bachelor of Science degree from an accredited course of study in engineering, engineering technology (includes manufacturing engineering technology), chemistry, physics, mathematics, data science, or computer scienc

• eSecurity certification, IAM Level 2 DoD 8570/8140 compliant certification (i.e. IAM Level 2 – CAP, GISF, GSLC, Security+
• )Risk Management Framework process along with both the NIST and DOD standards for RM
• F5+ years’ experience in development of cybersecurity philosophies, patterns, requirements, secure architectures, and design
• s5+ years’ experience in coordinating and presenting technical content to an audience, as well as preparing technical documentatio
• nKnowledge of cyber security incident response protocols (identification, impact assessment, containment, remediation, evidence handling, technical reporting, etc.) and safeguarding informatio
• nExperience and/or knowledge in product security or cybersecurity concept
• sExperience generating product cyber security artifacts for customer/certifiers
• .Experience performing adversity (threat) analysis, security risk assessments, and maturing the analysis throughout the development lifecycle – to inform requirements, and desig
• nKnowledge of VMware (infrastructure
• )Experience scanning for vulnerabilities, implement mitigations, install, administer, and troubleshoot on the following operating systems: Microsoft Windows 10, Windows Server 2016+, Linux Distributions (Red Hat Enterprise
• )

PREFERRED QUALIFICATIONS (DESIRED SKILLS/EXPERIENCE):

8+ years’ experience in development of cybersecurity philosophies, patterns, requirements, secure architectures, and designs

• .8+ years of experience with cybersecurity policies and implementation of Risk Management Framework (RMF): e.g. DAAPM, CNSSI 1253, ICD-503, JSIG, and/or NIST SP 800 serie
• sExperience scanning for vulnerabilities, implement mitigations, install, administer, and troubleshoot on the following operating systems: MAC OS, Microsoft Windows 11, Microsoft Server 2022, Raspberry PiSplunk Syslogs, Scripting language
• sExperience in product cyber security for avionics systems and component level developmen
• tExperience in requirements analysis and allocatio
• nExperience with Systems Security Engineering or Product Security Engineerin
• gRisk Management Framework process along with both the NIST and DOD standards for RM
• F2+ years of software experience: knowledge of higher order language programming languages (C/C++, Ada etc.), understanding of software life cycle, ability to read and understand code, and some understanding of secure code practices
• .

EDUCATION

Bachelor’s Degree or Equivalent Required

Advises customers on maintaining product security and certification, including security consequences of modifying products and services

• .Participates in change management activities as assigned by the ISSM, assisting stakeholders (system administrators, etc.) with the declaration and documentation of ports, protocols and services required for the information syste
• mParticipate in remanence security risk management processe
• sExecute procedures that identify and mitigate the residual risk and risk tolerance
• .Implements Risk Management Framework (RMF) processes, product development and product maintenance for assigned system
• sPerforms security compliance continuous monitorin
• gPerform security assessments and audit
• sPrepares and presents technical reports and briefing
• sIdentifies root causes, the prioritization of threats, and recommends/implements corrective actio
• nProvides mentoring and technical leadership within the information security program tea
• mExplores the enterprise and industry for the evolving state of industry knowledge and methods regarding information security standard methodologie
• sSupports development of MTS information security policies, standards, guidelines and procedures will affect other operating location
• sSupports Defense Federal Acquisition Regulation Supplement (DFARS) and Cybersecurity Maturity Model Certification (CMCC) requirements based on contractual requirements for KC-46 MT
• S