Mid-Level Security Design Specialist

About The Position

Requirements

• 3+ years of experience coding in Java with the ability to read, debug, and reason about code and native integration points
• 3+ years of experience using Linux administration skills (shell scripting, process management, performance tuning, package management)
• 3+ years of experience supporting Java applications on Linux (application lifecycle, troubleshooting, JVM behavior)
• 3+ years of experience developing and supporting JavaScript
• 3+ years of experience in web development
• 3+ years of experience coding literacy in C (ability to read, debug, and reason about code and native integration points)
• Experience with access control concepts and tools, including MFA, reverse proxies, federation, and SSO

Nice To Haves

• Bachelor’s degree or higher
• Experience understanding secure coding principles and common vulnerabilities
• Experience with Open Worldwide Application Security Project (OWASP) Top 10 and techniques to identify and mitigate them
• Experience with SysAdmin, Audit, Network, Security/ Common Weakness Enumeration (SANS/CWE) Top 25 and techniques to identify and mitigate them
• Experience supporting COTS access management products (installation, configuration, patching, integration) and custom access-management code or connectors
• Experience with strong communication and collaboration skills with the ability to work cross-functionally with engineers, architects, security, and product teams
• Experience with cloud infrastructures
• Experience with DevOps / DevSecOps
• Experience collaborating with team members while also working independently

Responsibilities

• Support, operate, and troubleshoot access management systems (Commercial Off the Shelf (COTS) and custom), including Single Sign-On (SSO), federation, multi-factor authentication (MFA), and reverse proxy configurations
• Administer and support Java applications running on Linux including incident response, root cause analysis, Java Virtual Machine (JVM) tuning, and deployment support
• Integrate, maintain and identity access control components (connectors, proxies, policy agents) and ensure secure authentication/authorization flows
• Collaborate with development, security, and identity teams to design, implement, and harden access controls and secure application integrations
• Support deployments and automation
• Contribute to runbooks, playbooks, and after hours incident response
• Identify, triage, and remediate security issues related to application and access control misconfigurations

Benefits

• At Boeing, we strive to deliver a Total Rewards package that will attract, engage and retain the top talent.
• Elements of the Total Rewards package include competitive base pay and variable compensation opportunities.
• The Boeing Company also provides eligible employees with an opportunity to enroll in a variety of benefit programs, generally including health insurance, flexible spending accounts, health savings accounts, retirement savings plans, life and disability insurance programs, and a number of programs that provide for both paid and unpaid time away from work.
• The specific programs and options available to any given employee may vary depending on eligibility factors such as geographic location, date of hire, and the applicability of collective bargaining agreements.