At Boeing, we innovate and collaborate to make the world a better place. We’re committed to fostering an environment for every teammate that’s welcoming, respectful and inclusive, with great opportunity for professional growth. Find your future with us.
Job Description
Boeing Global Services (BGS) is looking for Mid-Level Product Security Engineer to join our Government Training Systems team in Berkeley, Missouri. The selected candidate will execute on our vision and share our passion for protecting our government training systems, aircraft support equipment, and associated products. Join our team to provide technical support for product cyber security and resiliency engineering through requirements, design, analysis, build, test, production, operations, support and sustainment.
This PSE team’s portfolio spans exciting programs such as P-8A Poseidon, F/A-18 Super Hornets/Growlers, F-15 Eagle, MQ-25 Stingray, T-7A Red Hawk, F-22 Raptor and V-22 Osprey. The candidate must be able to consistently, pro-actively recognize and work through a wide range of challenges and bring to resolution. This position involves implementing appropriate security controls and requirements per JSIG, DoD RMF, NISPOM, or other related governing security policies and governances as required by customers.

Position Responsibilities:

• Supports development, implementation, sustainment of product security and resiliency throughout the requirements, design, build, test, production, operations & support lifecycle.
• Supports development and enhancement of system requirements, along with architectures for product security to meet all applicable certification & customer requirements.
• Supports definition/identification of product security requirements for suppliers of components and subsystems for integration into Boeing products/services.
• Coordinates with key stakeholders (customers (internal/external), suppliers, and industry) at a low level to identify risks.
• Provide insight & recommendations on improving industry/regulatory security standards.
• Supports innovative research and development activities.
• Advise customers on maintaining product security and certification, including security consequences of modifying products and services.
• Ability to build and assess network and software systems architectures.
• Implements, and sustains product security and resiliency throughout the requirements, design, build, test, production, operations, and support lifecycle.
• Completes test setups to system requirements and architectures for product security to meet all applicable certification and customer requirements.
• Configures and ensures security of facilities, equipment, tools, data, networks, and resources used for product: design, development, build, test, storage, delivery, operations, and support.
• Perform cyber/systems security engineering of embedded avionics products, perform threat/risk assessment that establishes threat surfaces and mitigations to maximize resiliency while minimizing vulnerability.
• Supports the establishment of testing and evaluation plans, including cyber test activities & cyber tabletop evaluations.
• Perform assessment of software assurance activities and products, to ensure the security pedigree of software solutions.
• Identifies assets and assesses risks, threats, and vulnerabilities of the product in accordance with accepted industry, professional, and government standards.
• Ensures safe/secure designs while enabling integrity, availability, confidentiality, and non-repudiation of system functions/data, and contract compliance.
• Implements appropriate security controls and requirements per JSIG, DoD RMF Frameworks, NISPOM, or related governing security policies as required by customers.
• Works under minimal direction.

PREFERRED QUALIFICATIONS (DESIRED SKILLS/EXPERIENCE):

• 5+ years’ experience in development of cybersecurity philosophies, patterns, requirements, secure architectures, and designs.
• Experience scanning for vulnerabilities, implement mitigations, install, administer, and troubleshoot on the following operating systems:
• Microsoft Windows XP, Microsoft Windows 7, Microsoft Windows 10,
• Linux Distributions
• Oracle Solaris (UNIX)
• Experience in product cyber security for avionics systems and component level development
• Experience performing adversity (threat) analysis, security risk assessments, and maturing the analysis throughout the development lifecycle – to inform requirements, and design.
• Experience generating product cyber security artifacts for customer/certifiers.
• Security certification is desired (e.g. CISSP)
• Experience in requirements analysis
• Experience with military aircraft systems
• Experience with Systems Security or Product Security Engineering
• Cybersecurity IAT/IAM Level 1 Certificate or higher IAT/IAM level: IAT Level 1 – A+, Network+, SSCP, IAM Level 2 – CAP, GISF, GSLC, Security+
• Cybersecurity or engineering related degree (i.e. software, computer, network, or systems engineering degree)
• Risk Management Framework process along with both the NIST and DOD standards for RMF
• 2+ years of software experience: knowledge of higher order language programming languages (C/C++, Ada etc.), understanding of software life cycle, ability to read and understand code, and some understanding of secure code practices.

• Supports development, implementation, sustainment of product security and resiliency throughout the requirements, design, build, test, production, operations & support lifecycle.
• Supports development and enhancement of system requirements, along with architectures for product security to meet all applicable certification & customer requirements.
• Supports definition/identification of product security requirements for suppliers of components and subsystems for integration into Boeing products/services.
• Coordinates with key stakeholders (customers (internal/external), suppliers, and industry) at a low level to identify risks.
• Provide insight & recommendations on improving industry/regulatory security standards.
• Supports innovative research and development activities.
• Advise customers on maintaining product security and certification, including security consequences of modifying products and services.
• Ability to build and assess network and software systems architectures.
• Implements, and sustains product security and resiliency throughout the requirements, design, build, test, production, operations, and support lifecycle.
• Completes test setups to system requirements and architectures for product security to meet all applicable certification and customer requirements.
• Configures and ensures security of facilities, equipment, tools, data, networks, and resources used for product: design, development, build, test, storage, delivery, operations, and support.
• Perform cyber/systems security engineering of embedded avionics products, perform threat/risk assessment that establishes threat surfaces and mitigations to maximize resiliency while minimizing vulnerability.
• Supports the establishment of testing and evaluation plans, including cyber test activities & cyber tabletop evaluations.
• Perform assessment of software assurance activities and products, to ensure the security pedigree of software solutions.
• Identifies assets and assesses risks, threats, and vulnerabilities of the product in accordance with accepted industry, professional, and government standards.
• Ensures safe/secure designs while enabling integrity, availability, confidentiality, and non-repudiation of system functions/data, and contract compliance.
• Implements appropriate security controls and requirements per JSIG, DoD RMF Frameworks, NISPOM, or related governing security policies as required by customers.
• Works under minimal direction