Associate or Experienced Cloud and Software Security Engineer

About The Position

Requirements

• Bachelor of Science degree in Engineering, Engineering Technology (including Manufacturing Technology), Computer Science, Data Science, Mathematics, Physics, Chemistry or non-US equivalent qualifications directly related to the work statement or an equivalent combination of technical education and experience
• Level 2: 2+ years of related work experience or an equivalent combination of education and experience
• Ability to obtain a U.S. Security Clearance
• Experience with networking in cloud environments
• Experience in cyber security solutions architecture, with a focus on cloud technologies, DevSecOps, and secure system design
• Experience leading DevSecOps teams to deploy a cloud or on-prem DevSecOps solutions
• Experience with cloud security frameworks and compliance standards such as National Institute of Standards and Technology (NIST), Federal Risk and Authorization Management Program (FedRAMP), Department of Defense Security Requirements Guide (DoD SRG), and Defense Information Systems Agency Security Technical Implementation Guides (DISA STIGs)

Nice To Haves

• Level 3: 5+ years of related work experience or an equivalent combination of education and experience
• Active Security Clearance (Active means held within the previous two years from today)
• Experience in Avionic systems: architecture, requirements, design, interfaces, platform integration, flight test planning, testing, validation and verification
• Experience in software or hardware engineering, requirements, design, development, test, and working with software and hardware
• Experience in aligning operational capabilities to regulatory frameworks and compliance requirements (i.e., ISO, NIST, CMMC)
• Experience do you have with data links, crypto, trusted guards, multi-level security
• Experience with cyber verification and validation of Avionics Systems
• Certified Application Security Engineer (CASE), Security+, a CISSP certification, or equivalent Cyber Security certification (CISSP preferred)

Responsibilities

• Incorporates key security concepts through the initial planning, design, and implementation of complex engineering environments spanning multiple sites, incorporating engineering labs, on-premise compute, and secure multi-cloud solutions.
• Collaborates closely with program customers to support the definition of security requirements, enable seamless systems integration, and ensure systems verification.
• Engages with multiple engineering disciplines, including cloud computing, software engineering – (Artificial Intelligence/Machine Learning (AI/ML), Infrastructure as Code (IaC), DevSecOps), Systems Engineering , Data Science, and Boeing Enterprise Security.
• Treats security as a primary concern and engage from the early phases of design to ensure our environment is Secure by Design.
• Builds up a strong set of security tools into the DevSecOps pipeline, enabling Cybersecurity Supply Chain Risk Management (C-SCRM), Secure Coding Practices, Software Assurance, and Security Policy Enforcement.
• Assists in establishing, integrating standards and processes for product security engineering in support of Digital Infrastructure, and meet applicable program/certification requirements.
• Utilizes Risk Engineering digital thread to inform product requirements surrounding cyber survivability against specified cyber threats – by performing criticality, adversity, threat analysis for avionics systems.
• Provides security expertise to Air Dominance program management and engineering teams through technical design reviews, program gate reviews, and other independent reviews as needed by the engineering function.

Benefits

• health insurance
• flexible spending accounts
• health savings accounts
• retirement savings plans
• life and disability insurance programs
• paid and unpaid time away from work
• tuition reimbursement program