Associate Product Security Engineer - Multi-Program
About The Position
Boeing Global Services (BGS) is seeking an Associate Product Security Engineer – Multi-Program to join our Training Systems Product Security Engineering (PSE) team, based out of Hazelwood, MO. You’ll be a part of Boeing's Training System PSE Organization, which is a growing multi-disciplinary cybersecurity engineering organization, that is responsible for cybersecurity compliance and resiliency within delivered products and services. The BGS PSE organization portfolio spans exciting programs such as P-8A Poseidon, F/A-18 Super Hornets/Growlers, F-15 Eagle, MQ-25 Stingray, T-7A Red Hawk, CH-47 Chinook, and AH-64 Apache. This is an exclusive opportunity to provide technical support for product cybersecurity and resiliency engineering for multi-program/multi-platform related training systems and virtual maintenance trainers through requirements, design, analysis, build, test, production, operations, support, sustainment, and certification activities in Hazelwood, MO. This role supports the implementation of security controls and requirements aligned with Department of Defense DoD Risk Management Framework (RMF), Joint Special Access Program (SAP) Implementation Guide (JSIG), and National Industrial Security Operating Manual (NISPOM) as required by customers, working under the direction of senior security team members. In joining Boeing, you are going to be a part of a diverse multi-disciplinary team of engineers, operating across platforms, using the latest tools and methodologies. This position requires relevant certification at start: (DoD 8570 Level II Certification e.g., CompTIA Security+, CySA+)
Requirements
- Ability to work onsite 5 days a week
- Bachelor of Science degree in Engineering, Engineering Technology (including Manufacturing Technology), Computer Science, Data Science, Mathematics, Physics, Chemistry or non-US equivalent qualifications directly related to the work statement
- DoD 8570 Level II Certification e.g., CompTIA Security+, CySA+
- Ability and willingness to travel domestically and internationally up to 15%
- 1+ years of experience working within the DoD Risk Managed Framework (RMF)
- 1+ years of experience in development, integration, validation, and verification of cyber security systems
- 1+ years of experience engineering/technical experience in aircraft, mission systems, or training solutions
- 1+ years of experience in the field of Cybersecurity, anti-tamper and/or secure computing and knowledge of Department of Defense (DoD) policies and requirements related to Cybersecurity
- Ability to obtain a U.S. Security Clearance for which the U.S. Government requires U.S. Citizenship. An interim and/or final U.S. Secret Clearance Post-Start is required.
Nice To Haves
- Experience with vulnerability scanning, mitigation, administration and system hardening on multiple operating systems
- Experience preparing and presenting technical material to diverse audiences (reports, engineering notes, presentations) with coaching from experienced team members
- Experience in systems/product security engineering for avionics, supporting integration of security into development by assisting senior engineers with requirements, secure architecture patterns, and system-level design activities
- Experience performing adversity (threat) analysis, security risk assessments, and maturing the analysis throughout the development lifecycle – to inform requirements, and design
- Experience assisting in identification of risks and opportunities, and collaborating with stakeholders to help define, plan, and deliver technical tasks or work packages.
- Experience generating product cyber security artifacts for customer/certifiers
- Experience in requirements analysis
- Experience with military aircraft systems
- Software experience: knowledge of higher order language programming languages (C/C++, Ada etc.), understanding of software life cycle, ability to read and understand code, and some understanding of secure code practices.
- Experience with Program Protection, Software Assurance practices or Supply Chain Risk Management (SCRM) practices.
Responsibilities
- Support development, implementation, and sustainment of product security across the full lifecycle by developing and refining system requirements, architectures, and certification‑ready designs
- Coordinate with internal and external partners (systems, software, hardware, customers, suppliers, and industry) to define cybersecurity requirements, artifacts, activities, and solutions
- Conduct security assessments (threat analyses, risk assessments, audits), identify assets/vulnerabilities, risk documentation, and mitigation tracking through closure
- Advise stakeholders on assessment results and provide actionable recommendations to improve architecture, designs, and software assurance
- Establish, integrate, and implement product security standards, processes, and controls to meet program, certification, and regulatory requirements (e.g., JSIG, DoD RMF, NISPOM)
- Support cyber test and validation activities, including tabletop exercises and verification of security controls, scan result analysis, and preparation of objective evidence for audits and reviews
- Support inputs for planning, scheduling, budget, risks, issues, and opportunity activities, including early identification and communication of cost, schedule, or certification impacts
- Work under guidance of senior product security engineers while independently executing assigned cybersecurity work products to completion in a teaming environment
Benefits
- health insurance
- flexible spending accounts
- health savings accounts
- retirement savings plans
- life and disability insurance programs
- paid and unpaid time away from work
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Entry Level
