Product Security Engineer (Product Security Engineer)

About The Position

Requirements

• Level 2 - Education/experience typically acquired through advanced technical education from an accredited course of study in engineering, engineering technology (includes manufacturing engineering technology), computer science, engineering data science, mathematics, physics or chemistry (e.g. Bachelor) and typically 2 or more years' related work experience or an equivalent combination of technical education and experience or non-US equivalent qualifications. In the USA, ABET accreditation is the preferred, although not required, accreditation standard.
• Experience in development lifecycle of embedded avionics systems
• Assist with the development of cybersecurity philosophies, patterns, requirements, secure architectures and designs
• Experience coordinating and presenting technical content to a diverse audience, as well as preparing technical documentation
• Knowledge of cyber security incident response protocols (identification, impact assessment, containment, remediation, evidence handling, technical reporting, etc.) and safeguarding information.
• Technical bachelor's degree or greater, (technical degree is defined as any four-year degree, or greater, in an engineering, computer science, mathematics, or scientific field of study).
• Experience in product security or cybersecurity concepts
• This position requires an active Secret U.S. Security Clearance (A U.S. Security Clearance that is current within the past 24 months is considered active.)

Nice To Haves

• Experience in product cyber security for avionics systems and component level development
• Experience performing adversity (threat) analysis, security risk assessments, and maturing the analysis throughout the development lifecycle – to inform requirements, and design
• Experience generating product cyber security artifacts for customer/certifiers
• Security certification is desired (e.g. CISSP)
• Experience in requirements analysis
• Experience with military aircraft systems
• Experience with Systems Security or Product Security Engineering
• Cybersecurity IAT/IAM Level 1 Certificate or higher IAT/IAM level: IAT Level 1 – A+, Network+, SSCP, IAM Level 2 – CAP, GISF, GSLC, Security+
• Cybersecurity or engineering related degree (i.e. software, computer, network, or systems engineering degree)
• Risk Management Framework process along with both the NIST and DOD standards for RM
• 2+ years of software experience: knowledge of higher order language programming languages (C/C++, Ada etc.), understanding of software life cycle, ability to read and understand code, and some understanding of secure code practices.

Responsibilities

• Supports development, implementation, sustainment of product security and resiliency throughout the requirements, design, build, test, production, operations & support lifecycle
• Supports development and enhancement of system requirements, along with architectures for product security to meet all applicable certification & customer requirements
• Supports definition/identification of product security requirements for suppliers of components and subsystems for integration into Boeing products/services
• Coordinates with key stakeholders (customers (internal/external), suppliers, and industry) at a low level to identify risks
• Provide insight & recommendations on improving industry/regulatory security standards
• Supports innovative research and development activities
• Advise customers on maintaining product security and certification, including security consequences of modifying products and services
• Perform cyber/systems security engineering of embedded avionics products, perform threat/risk assessment that establishes threat surfaces and mitigations to maximize resiliency while minimizing vulnerability
• Supports the establishment of testing and evaluation plans, including cyber test activities & cyber tabletop evaluations
• Perform assessment of software assurance activities and products, to ensure the security pedigree of software solutions
• Identifies assets and assesses risks, threats, and vulnerabilities of the product in accordance with accepted industry, professional, and government standards
• Ensures safe/secure designs while enabling integrity, availability, confidentiality, and non-repudiation of system functions/data, and contract compliance
• Implements appropriate security controls and requirements per JSIG, DoD and ICD 503 RMF, NISPOM, or DoD Overprint to the NISPOM as required by customers
• Works under minimal direction
• Travel (up to 10%) is required for meetings with customers, internal meetings, etc.

Benefits

• Relocation assistance is a benefit available for eligible candidates.
• Employee Referral Program: $1500 is the referral fee for candidates who start on the program.
• Signing Bonus Eligibility: Candidates are eligible to obtain signing bonuses up to $7000.
• Boeing 401(k) helps you save for your future, with contributions from Boeing that can help you grow your retirement savings.
• Best in class 401(k) plan: we'll match your contributions dollar for dollar, up to 10% of eligible pay with Immediate 100% vesting
• The Boeing 401(k) Student Loan Match allows eligible enrolled U.S. employees to have their qualified student loan debt payments counted, along with any match-eligible contributions they make, for purposes of determining the Company Match to employees' Boeing 401(k) accounts.
• Elements of the Total Rewards package include competitive base pay and variable compensation opportunities.
• The Boeing Company also provides eligible employees with an opportunity to enroll in a variety of benefit programs, generally including health insurance, flexible spending accounts, health savings accounts, retirement savings plans, life and disability insurance programs, and several programs that provide for both paid and unpaid time away from work.