At Boeing, we innovate and collaborate to make the world a better place. We’re committed to fostering an environment for every teammate that’s welcoming, respectful and inclusive, with great opportunity for professional growth. Find your future with us.
At Boeing, we innovate and collaborate to make the world a better place. We’re committed to fostering an environment for every teammate that’s welcoming, respectful and inclusive, with great opportunity for professional growth. Find your future with us.
The Software Security Capability is looking for a Software Security Capability Lead Engineer to drive secure software solutions into a complex hybrid-cloud engineering environment within the Air Dominance portfolio in Berkeley, MO.
Are you ready to take your career to new heights? The Software Security Capability, which is aligned to the enterprise Product Security Engineering (PSE) operating group, supports both programs across the Saint Louis Portfolio and is seeking a passionate and experienced software security Engineer to support our cutting-edge Air Dominance programs. This is your chance to impact the next generation of engineering environments at Boeing which will build from our already impressive portfolio of iconic platforms like the F-15 Eagle, F/A-18 Super Hornet, EA-18 Growler, MQ-25 Stingray, and T-7A Redhawk, and contribute to the future of national defense.

BASIC QUALIFICATIONS (REQUIRED SKILLS/EXPERIENCE):

• Bachelor of Science degree from an accredited course of study in engineering, engineering technology (includes manufacturing engineering technology), chemistry, physics, mathematics, data science, or computer science
• Demonstrated ability to execute in complex digital engineering constructs, including Software Development environments (DevSecOps Pipelines), Engineering Development, Simulation and Test Labs, and Model-Based Systems Engineering (MBSE) environments with a focus on secure integration across development, test, and operational systems
• Demonstrated ability to identify new opportunities and engage with stakeholders to define, plan, resource and deliver solutions
• Experience with DoD Security standards such as Joint Special Access Program Implementation Plan (JSIG), NIST SP 800-53, NIST SP 800-171, CNSSI 1253, and associated RMF processes.
• Experience managing or contributing to the Authorization to Operate (ATO) lifecycle, including development of security plans, POA&Ms, and test procedures
• Experience designing, securing, and accrediting cloud-based systems in accordance with DoD or IC security requirements, including implementation of security controls in environments such as AWS GovCloud, AWS Secret Region, or Azure Government
• Experience coordinating and presenting technical content to a diverse audience, as well as preparing technical documentation
• Experience securing commercial cloud environments using practices such as Zero Trust, Access-Based Access Controls (ABAC), Policy as Code and Policy Enforcement Agents, Security Monitoring, Data Forensics and Incident Response
• Familiarity with the Secure Software Development Lifecycle (SDLC), including dependency management, analysis tools, security/test environments, and artifact signing

PREFERRED QUALIFICATIONS (DESIRED SKILLS/EXPERIENCE):

• Experience developing or integrating ground or platform architectures
• Experience overseeing the design, development, and testing of engineering solutions, ensuring compliance with industry standards and regulations
• Experience developing multi-layer security architectures (encryption, cross domain guards)
• Experience providing work instructions that support the design and documentation of system architectures to ensure accuracy, completeness, and compliance with customer specifications
• Experience in product cyber security for avionics systems and component level development
• Experience performing adversity (threat) analysis, security risk assessments, and maturing the analysis throughout the development lifecycle – to inform requirements, and design
• Experience generating product cyber security artifacts for customer/certifiers
• Security certification is desired (e.g. CISSP); Please state/include on resume
  This position is expected to be 100% onsite. The selected candidate will be required to work onsite at one of the listed location options.

EDUCATION

Bachelor’s Degree or Equivalent Required

• Lead and Innovate: Incorporate key security concepts through the initial planning, design, and implementation of complex engineering environments spanning multiple sites, incorporating engineering labs, on-premise compute, and secure multi-cloud solutions.
• Customer Focus: Collaborate closely with program customers to support the definition of security requirements, enable seamless systems integration, and ensure systems verification.
• Multi-Discipline: Engage with multiple engineering disciplines, including cloud computing, software engineering – (Artificial Intelligence/Machine Learning (AI/ML), Infrastructure as Code (IaC), DevSecOps), Systems Engineering , Data Science, and Boeing Enterprise Security.
• Shift Security Left: Treat security as a primary concern and engage from the early phases of design to ensure our environment is Secure by Design.
• Mentor and Execute: Mentor, and help to build your team of software security engineers and oversee the execution of security capabilities.
• Secure Software Factories: Build up a strong set of security tools into the DevSecOps pipeline, enabling Cybersecurity Supply Chain Risk Management (C-SCRM), Secure Coding Practices, Software Assurance, and Security Policy Enforcement.
• Standards and Processes: Assist in establishing, integrating standards and processes for product security engineering in support of Digital Infrastructure, and meet applicable program/certification requirements
• Risk Management: Utilize Risk Engineering digital thread to inform product requirements surrounding cyber survivability against specified cyber threats – by performing criticality, adversity, threat analysis for avionics systems
• Subject Matter Expert: Provide security expertise to Air Dominance program management and engineering teams through technical design reviews, program gate reviews, and other independent reviews as needed by the engineering function.