Product Security Engineer

Product Security Engineer

Company:

The Boeing Company

Boeings Missile Defense Program is seeking motivated and talented Associate (Level 2) Mid Level (Level 3 ) or Senior (Level 4) Product Security Engineers in Colorado Springs Colorado! These positions will support the performance of product security and cybersecurity engineering for the National Team Command Control Battle Management and Communications (C2BMC) Programs & Networks.

Missile Defense programs are part of the Ballistic Missile Defense System which defends the United States homeland and its regional allies all over the world. Be a part of our passionate and highly motivated team who are excited to be on the forefront of defense of our nation.

Boeing offers a comprehensive benefits package including generous Paid Time Off (PTO) flexible work schedules paid parental leave for mothers and fathers 401k matching tuition assistance for earning advanced degrees and paid medical leave programs.

Come Join Us and Build the Future!

Primary Responsibilities:

Team member will work with other industry partners in the development and execution of a comprehensive assessment program supporting the C2BMC Element of the Ballistic Missile Defense System. This individual will act as the primary group to for testing and applying patches on all main software/application systems on the system including workstation and servers. This team will be supporting the system by interacting continuously with the cyber team compliance team to remediate any vulnerabilities founding during automated or manual cyber scans. As patching can be an impacting activity a detailed oriented individual is a must for this position.

• Developing and verifying installation instructions for Cyber Tools and Vendor Patches

• Applying Security Technical Implementation Guides (STIGs)

• Managing and addressing any Cyber Tasking Orders (CTOs) related to the Cyber Tools

• Integrating configuring and automating the installation of the Elastic Stack with the existing set of Cyber Tools on the C2BMC system

• Working with various C2BMC teams to ensure compatibility and seamless integration of Cyber Tools within the larger system

• Documentation and verification of all installation and configuration steps for the labs and operations deliveries

• Providing feedback to Cyber Leadership and engineers to improve the cybersecurity tools and processes

• Verifying the Elastic Stack meets contractual requirements

• Documenting the installation and delivering installation instructions to deploy the Elastic Stack

• Installing deploying and unit testing other Cyber Tools such as ACAS ArcSight BigFix Delinea Endgame ESS Axway Repeater and Responder for Windows MFA in National Team (NT) labs the C2BMC Testbed (CTB) and Operations.

• Collaborating with local Information System Security Officers (ISSOs) to ensure compliance with relevant cybersecurity standards and regulations

• Assess organization-wide security and privacy risk and update assessment results on an ongoing basis

• Perform system analysis and develop system test for cyber threats cyber test activities and the cybersecurity of large-scale events

• Perform cyber risk assessments and develop risk mitigation plans

• Support the engineering installation & analysis of patches and various system updates and upgrades to determine system consequence of these changes

• Attend collect data from out brief and facilitate collaboration and project management from various program boards

• Support cyber threat intelligence activities

• Support the development and maintenance of cyber scanning patching remediation tools and applications

• Support as required TEMPEST DFARS COMSEC CNSSI and other compliance drivers as needed

• Support and facilitate various ATO packages including processing IAVMs and CTOs for the same

• Perform and/or support the development of tools for cyber forensics

• Develop define efficiencies and improvements to tools to improve team productivity

• Perform system analysis trade studies to define technical concepts and solutions

This position is expected to be 100% onsite. The selected candidate will be required to work onsite at one of the listed location options. (Colorado Springs CO.)

This position may require the ability to obtain access to an MDA facility. Access to the facility requires a background investigation by U.S. government authorities.

This position requires candidate acceptance by industry partner resource control board.

This position requires an active Top Secret U.S. Security Clearance. (A U.S. Security Clearance that has been active in the past 24 months is considered active.)

Basic Qualifications (Required Skills/Experience):

• Bachelor of Science degree from an accredited course of study in engineering engineering technology (includes manufacturing engineering technology) chemistry physics mathematics data science or computer science.

• Active Top Secret clearance

• Current DoD 8570 certification at IAT Level II / IAM Level I or higher (e.g. Security GSEC SCNP SSCP CISSP CISA GSE SCNA)

• 1 years experience in product security / cybersecurity engineering

• 1 years experience with industry standard cybersecurity frameworks (NIST OWASP DFARS)

• Experience using analytical collaboration communication and organizational skills

Preferred Qualifications (Desired Skills/Experience):

• 2 years experience in Windows/RHEL System admin experience installing tuning & troubleshooting Cyber Tools to include ESS/HBSS ConfigOS Splunk/Elastic etc.

• 2 years experience in configuring running and scripting audit tools

• 2 years experience using knowledge of Software Assurance (SwA) static and/or dynamic code analysis (e.g. Fortify)

• Experience with Federal Information Security Management Act (FISMA)/RMF and National institute of Standards and Technology (NIST) 800-53 requirements

• Experience leading system and component level cyber test and evaluation including threat and security assessments and tabletop exercises

• Experienced self-starter with strong written and oral communication skills and a focus on translating technically complex issues into simple easy to understand concept

• Growing understanding of DoD and missile defense command and control battle management architectures and communications system concepts mission and common system test and data analysis techniques

Typical Education/Experience:

Associate (2): Education/experience typically acquired through advanced technical education from an accredited course of study in engineering engineering technology (includes manufacturing engineering technology) computer science engineering data science mathematics physics or chemistry (e.g. Bachelor) and typically 2 or more years related work experience or an equivalent combination of technical education and experience or non-US equivalent qualifications. In the USA ABET accreditation is the preferred although not required accreditation standard.

Mid-Level (3): Education/experience typically acquired through advanced technical education from an accredited course of study in engineering engineering technology (includes manufacturing engineering technology) computer science engineering data science mathematics physics or chemistry (e.g. Bachelor) and typically 5 or more years related work experience or an equivalent combination of technical education and experience or non-US equivalent qualifications. In the USA ABET accreditation is the preferred although not required accreditation standard.

Senior (4): Education/experience typically acquired through advanced technical education from an accredited course of study in engineering engineering technology (includes manufacturing engineering technology) computer science engineering data science mathematics physics or chemistry (e.g. Bachelor) and typically 9 or more years related work experience or an equivalent combination of technical education and experience or non-US equivalent qualifications. In the USA ABET accreditation is the preferred although not required accreditation standard.

Relocation:

This position does not offer relocation. Candidates must be local or willing to relocate at their own expense.

Drug Free Workplace:

Boeing is a Drug Free Workplace where post offer applicants and employees are subject to testing for marijuana cocaine opioids amphetamines PCP and alcohol when criteria is met as outlined in our policies.

At Boeing we strive to deliver a Total Rewards package that will attract engage and retain the top talent. Elements of the Total Rewards package include competitive base pay and variable compensation opportunities.

The Boeing Company also provides eligible employees with an opportunity to enroll in a variety of benefit programs generally including health insurance flexible spending accounts health savings accounts retirement savings plans life and disability insurance programs and a number of programs that provide for both paid and unpaid time away from work.

The specific programs and options available to any given employee may vary depending on eligibility factors such as geographic location date of hire and the applicability of collective bargaining agreements.

Please note that the salary information shown below is a general guideline only. Salaries are based upon candidate experience and qualifications as well as market and business considerations.

Associate (2) Summary pay range: $91800 $124200

Mid-Level (3) Summary pay range: $112200 $151800

Senior (4) Summary pay range: $136850 $185150

Language Requirements:

Not Applicable

Education:

Bachelors Degree or Equivalent

Relocation:

Relocation assistance is not a negotiable benefit for this position.

Export Control Requirement:

This position must meet export control compliance requirements. To meet export control compliance requirements a U.S. Person as defined by 22 C.F.R. 120.15 is required. U.S. Person includes U.S. Citizen lawful permanent resident refugee or asylee.

Safety Sensitive:

This is not a Safety Sensitive Position.

Security Clearance:

This position requires an active U.S. Top Secret Security Clearance (U.S. Citizenship Required). (A U.S. Security Clearance that has been active in the past 24 months is considered active)

Visa Sponsorship:

Employer will not sponsor applicants for employment visa status.

Contingent Upon Award Program

This position is not contingent upon program award

Shift:

Shift 1 (United States of America)

Stay safe from recruitment fraud! The only way to apply for a position at Boeing is via our Careers website. Learn how to protect yourself from recruitment fraud - Recruitment Fraud Warning