Lead Product Security (Cyber)Test Engineer

Lead Product Security (Cyber)Test Engineer

Company:

The Boeing Company

The Boeing Test & Evaluation (BT&E) team is seeking a Lead Product Security (Cyber) Test Engineer to support the Air Proprietary 1 (AP1) program in Berkeley MO. This role will be responsible for leading the execution of the cyber test lifecycle. You will be joining a cybersecurity pentest team focused on product testing. The successful candidate will perform threat assessments and execute adversarial testing with engineering rigor.

You will lead the development of cyber test cases conduct pentesting and perform test reporting as a part of an engineering team in the greater St. Louis area.

You will be joining a growing multidisciplinary cybersecurity engineering organization that is responsible for the security and resiliency of our products platforms and services. This position will support the various phases of the Product Test Lifecyle by supporting test proposals developing test plans and schedules executing pentesting and supporting posttest activities. Joining this team will put you at the cutting edge of Boeing Product Security.

This position is expected to be 100% onsite. The selected candidate will be required to work onsite at one of the listed location options.

Position Responsibilities Include:

• Lead execution of penetration tests to identify exploit and assess a target systems vulnerabilities in a threatrepresentative manner on embedded systems and IPbased networks
• Subject Matter Expert for emulating advanced cyber adversary (advanced persistent threats) tactics techniques and procedures (TTPs)
• Lead controlled attack simulations that test the effectiveness of a blue team and its capabilities to detect block and mitigate attacks and breaches
• Develop exploits and malware targeting modern operating systems and defenses
• Reverse engineering firmware and software to support vulnerability identification
• Develop cyber test tools as necessary to achieve threat emulation objectives
• Communicate recommendations for improvements to customer stakeholders via reports or presentations using common frameworks such as MITRE ATT&CK Cyber Kill Chain etc.
• Participate in test design and planning
• Occasional domestic and international travel as needed

Basic Qualifications (Required Skills/Experience):

• Bachelor of Science degree from an accredited course of study in engineering engineering technology (includes manufacturing engineering technology) chemistry physics mathematics data science or computer science
• 10 years of experience in product security cybersecurity research or a related field
• 5 years of experience leading projects or engineering teams
• 5 years of experience planning and executing penetration testing of either IT based systems or Avionics embedded systems
• 5 years of experience working with Department of Defense (DoD) organizations projects and/or programs
• 3 years of experience leading and mentoring a technical team
• Able to travel both domestically and internationally

Preferred Qualifications (Desired Skills/Experience):

• Demonstrated ability to engage with stakeholders to define/plan/resource/deliver
• Experience designing and/or testing product systems
• Experience working with Product Security (nonIT) Cyber Compliance and/or Avionics Embedded systems risk management assessment
• Experience facilitating and/or supporting Cyber Table Top Mission Based Cyber Risk Assessment or equivalent exercises
• Experience planning and executing penetration tests in one or more of the following domains:
  • Windows Linux VxWorks and INTEGRITY Operating Systems
  • IPBased Networks
  • Avionics Embedded Systems NonStandard Ethernet Protocols (ARINC MILSTD)
  • RF interfaces
• Experience evaluating cybersecurity of proprietary protocols applications and firmware within a complex integrated environment
• Experience coordinating and presenting technical content to a diverse audience
• Experience with program planning (cost and schedule)
• Experience with scripting languages such as Bash Python PowerShell
• Experience with Aircraft Platforms Weapon Systems and/or C5ISR
• Knowledgeable in Cryptography and Reverse Engineering
• One or more of the following Certifications:
  • Offensive Security Certified Engineer (OSCE)
  • Offensive Security Certified Professional (OSCP)
  • GIAC Certified Exploit Researcher and Advanced Penetration Testers (GXPN)
  • GIAC Reverse Engineering Malware (GREM)
  • Certified Information System Security Professional (CISSP)

Drug Free Workplace:

Boeingis a Drug Free Workplace where post offer applicants and employees are subject to testing for marijuana cocaine opioids amphetamines PCP and alcohol when criteria is met as outlined in our policies.

Pay & Benefits:

At Boeing we strive to deliver a Total Rewards package that will attract engage and retain the top talent. Elements of the Total Rewards package include competitive base pay and variable compensation opportunities.

The Boeing Company also provides eligible employees with an opportunity to enroll in a variety of benefit programs generally including health insurance flexible spending accounts health savings accounts retirement savings plans life and disability insurance programs and a number of programs that provide for both paid and unpaid time away from work.

The specific programs and options available to any given employee may vary depending on eligibility factors such as geographic location date of hire and the applicability of collective bargaining agreements.

Pay is based upon candidate experience and qualifications as well as market and business considerations.

Summary pay range: $164050 $221950

Language Requirements:

Not Applicable

Education:

Bachelors Degree or Equivalent

Relocation:

This position offers relocation based on candidate eligibility.

Export Control Requirement:

This position must meet export control compliance requirements. To meet export control compliance requirements a U.S. Person as defined by 22 C.F.R. 120.15 is required. U.S. Person includes U.S. Citizen lawful permanent resident refugee or asylee.

Safety Sensitive:

This is not a Safety Sensitive Position.

Security Clearance:

This position requires an active U.S. Secret Security Clearance (U.S. Citizenship Required). (A U.S. Security Clearance that has been active in the past 24 months is considered active) This position requires ability to obtain program access for which the U.S. Government requires U.S. Citizenship only.

Visa Sponsorship:

Employer will not sponsor applicants for employment visa status.

Contingent Upon Award Program

This position is not contingent upon program award

Shift:

Shift 1 (United States of America)

Stay safe from recruitment fraud! The only way to apply for a position at Boeing is via our Careers website. Learn how to protect yourself from recruitment fraud Recruitment Fraud Warning