Mid-Level Software Security Engineer
About The Position
The Boeing Company is looking for a Mid-Level Software Security Engineer to join the Enterprise Product Security Software organization. This role supports Secure Coding, Certification, and Software Assurance across various programs in Boeing Commercial Airplanes (BCA). The successful candidate will be responsible for driving the development, implementation, and sustainment of product security and resiliency throughout the software development lifecycle, protecting our commercial airplanes’ products and the aviation ecosystem. As a member of the Enterprise Product Security Software organization, you will have support from security experts across all business units, and exposure to a large variety of products and services. With a focus on Software Security, you will be accountable for the security of software products and pipelines across the world's leading portfolio of commercial and defense airplanes, satellites and weapons.
Requirements
- Bachelor of Science degree in Engineering, Engineering Technology (including Manufacturing Technology), Computer Science, Data Science, Mathematics, Physics, Chemistry or non-US equivalent qualifications directly related to the work statement
- 5+ years of related work experience or an equivalent combination of education and experience
- 1+ years of experience factoring and applying confidentiality, integrity and availability considerations within the system development lifecycle
- Experience with the Software Development Lifecycle (SDLC)
Nice To Haves
- Experience with system security engineering or systems engineering
- Experience with security infrastructure, product and cybersecurity systems analysis, design, development, and testing
- Working knowledge in Public Key Infrastructure operations through hardware security modules, certificate authorities and all supporting hardware and software
- Experience with DevSecOps and Continuous Integration and Continuous Deployment (CI/CD) tools and execution
Responsibilities
- Assesses the adversity faced by software subsystems in the context of the larger system
- Secures cloud-based software development environments
- Manages risk in accordance with accepted industry, professional, and government standards to ensure security design integrity, availability, confidentiality, and regulatory compliance
- Develops security requirements and coordinate with multiple system stakeholders to identify and properly implement and verify security measures to mitigate the risks, threats and vulnerabilities
- Performs requirements verification on software security engineering products using inspection, analysis, demonstration, and test methods
- Performs Common Vulnerabilities and Exploits (CVE) analysis and coordinate with system stakeholders to appropriately mitigate and address to reduce likelihood and consequences of CVE impacting system operation
- Deploys DevSecOps best practices into Program pipelines, including tool selection, configuration, and analysis
- Provides technical data and develop documentation in accordance with requirements and system security engineering processes and procedures for internal reference and external delivery
- Supports Product Security Incident Response Team to respond to security events
- Defines and deploys consistent software security standards within the Software Development Lifecycle
- Identifies improvements to ensure software implementation is aligned to industry and Boeing software assurance best practices
Benefits
- health insurance
- flexible spending accounts
- health savings accounts
- retirement savings plans
- life and disability insurance programs
- paid and unpaid time away from work
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
