Mid-Level Product Security Engineer

About The Position

Requirements

• Bachelor of Science degree in Engineering, Engineering Technology (including Manufacturing Technology), Computer Science, Data Science, Mathematics, Physics, Chemistry or non-US equivalent qualifications directly related to the work statement
• 5+ years of related work experience or an equivalent combination of education and experience
• Experience with commercial and/or military aircraft avionics
• Experience in deriving technical requirements from customer input or eliciting customer requirements
• Experience solving complex business problems and delivering solutions via technology
• Experience in presenting technical briefings to various audiences
• Knowledge of security practices and principles associated with risk analysis and assessment

Nice To Haves

• Active technical security certification (ex. ISC2 – International Information System Security Certification, CISSP – Certified Information Systems Security Professional, GIAC - Global Information Assurance Certification)
• Experience designing, supporting, or executing AI, data, privacy, cybersecurity, or other technology risks assessments and translating findings into practical controls and process improvements
• Experience in security domain, e.g. defining penetration testing, architecting product security posture
• Experience working with and/or developing embedded systems
• Experience in the field of Cybersecurity, anti-tamper and/or secure computing and knowledge of Department of Defense (DoD) policies and requirements related to Cybersecurity
• Experience in a combination of test planning and execution including; Cyber Test and Evaluation activities such as penetration testing, threat, adversity and risk analysis, and exploitation tool development, tailoring, and use and general cybersecurity engineering
• An active U.S. Security Clearance in the past 24 months

Responsibilities

• Development, implementation, and sustainment of product security for Boeing avionics systems, throughout the requirements, design, analysis, build, test, production, operations, support and sustainment lifecycle
• Coordinate with platforms and system-of-systems product security counterparts for requirements, activities, artifacts, and solutions
• Coordinate with other engineering stakeholders – systems, software, and hardware – advising on the results of security analysis – to develop secure architectures and designs
• Establish and integrate standards and processes for product security engineering for avionics development, and to meet applicable program and certification requirements
• Utilize the Risk Engineering digital thread to inform product requirements surrounding cyber survivability against specified cyber threats – by performing criticality, adversity, threat analysis for avionics systems
• Assess internal customer requirements to derive strategies and detailed security requirements system and technical requirements
• Execute PSE activities – security requirements, architectures, risk assessments
• Document PSE activities and deliver PSE artifacts
• Perform risk reduction and technology maturation activities resulting in innovative solutions in product and services offering
• Identify and elevate product security risks to integrated product team(s) and management

Benefits

• health insurance
• flexible spending accounts
• health savings accounts
• retirement savings plans
• life and disability insurance programs
• paid and unpaid time away from work