Associate or Experienced Product Security Engineer

Company:

Boeing Engineering is actively seeking an Associate (Level 2) or Experienced (Level 3) Product Security Engineer to join our growing Factory & Operational Technology (OT) Product Security Engineering (PSE) team in Everett WA or Seattle WA. This role offers a rare opportunity to work at the forefront of efforts to ensure that our factories producing products ranging from commercial airplanes to satellites to autonomous submersibles continue to be secure and resilient from cyber threats. Our manufacturing systemsassembly robots CNC machines and industrial control systemsalong with the buildings that house them demand rigorous cybersecurity defenses to prevent disruption and compromise.

In this role you will be improving the security posture of Boeings production environments by designing validating and deploying centralized network monitoring vulnerability management and logging capabilities that span our factories across the globe. Youll turn telemetry into highconfidence detections dashboards and key performance indicators (KPI) that feed security operation centers (SOCs) incident response (IR) and forensics workflows. From policy architecture and nondisruptive pilot validation in labs/digital twins to tool selection and enterprise rollout youll play a key role in partnering with manufacturing IT safety and vendors to enable faster investigations prioritized remediation preserved uptime and a measurable improvement in the resilience of our manufacturing operations.

Whether youre passionate about strengthening operational technology security applying handson technical expertise to protect complex manufacturing environments or seeking a leadershiporiented engineering role this position offers both impact and visibility in a highly specialized domain. Join us and help lead the charge in securing the systems and environments that produce our industry leading products.

Primary responsibilities:

• Develop and enhance the enterprise OT Monitoring Program to deliver safe non-disruptive and reliable cybersecurity visibility across networks and systems.
• Evaluate pilot validate and deploy cybersecurity monitoring and logging toolchains
• Build and maintain parsers normalizers protocol dissectors and custom extractors to ensure highfidelity telemetry reliable context enrichment and interoperability with SOC tooling.
• Facilitate detection engineering through the baselining of OT network behavior developing analytics and detection rules for OT protocols tuning alerts to reduce false positives and performing proactive threat hunting across OT telemetry.
• Design and implement security dashboards reporting and KPIs that serve both operations and security stakeholders (latency/visibility metrics detection quality mean time to detect/respond sensor health coverage etc).
• Define and publish OT monitoring and logcollection policies covering collection scope retention access controls privacy rules of engagement and compliance requirements.
• Create and maintain playbooks training materials and handover packages for SOC analysts site focals IR responders and operations teams. Lead training sessions and tabletop exercises.
• Coordinate with cross functional stakeholders (manufacturing IT safety vendors) to minimize operational impact track program metrics and continuously improve.
• Support incident response (IR) and rootcause analysis for OT security events including coordination with the IR team safety and operations teams.
• Mentor junior engineers and participate in crossfunctional design reviews.
• Contribute to roadmaps budget justification and vendor evaluations to evolve the OT monitoring and centralized logging capability.

Basic Qualifications (Required Skills and Experience):

• Bachelor of Science degree from an accredited course of study in engineering engineering technology (includes manufacturing engineering technology) chemistry physics mathematics data science or computer science
• Level 2: 2 years of related work experience or an equivalent combination of education and experience
• Level 3: 5 years of related work experience or an equivalent combination of education and experience
• Deep understanding of cybersecurity controls and frameworks
• Handson experience designing deploying and managing centralized cybersecurity monitoring and logging solutions
• Working knowledge of a source control tool such as GIT Subversion CVS etc.
• Familiarity with cloud logging/security (AWS Azure or GCP) and integrating cloud telemetry with SOC tooling
• Experience creating policies playbooks and/or training
• Working knowledge of a programming or scripting language (i.e. python C java etc)
• Experience in architecture design management administration and troubleshooting of networks with a focus on security controls

Preferred Qualifications (Desired Skills and Experience):

• Current Security (Sec) certification or other current DoD 8570/8140 Approved Baseline Certification OR willing and have the ability to obtain a CompTIA Security Pre-Start (i.e. successful completion of a DoD 8140 IAT Level II Certification)
• Experience with ICS/OT systems and networks (PLCs SCADA robots CNC) including lab/digitaltwin validation and nondisruptive testing.
• Threathunting experience on OT telemetry: baselining rule creation tuning and/or KPI measurement.
• Working knowledge of a vulnerability scanning tool such as Nessus Qualys OpenVAS etc.
• Experience with PowerShell Bash Ladder Logic and Structured Text
• Deep understanding of the NIST 800 series documents
• Cybersecurity Certifications such as Security CySA CISSP CEH etc.
• Experience participating in an incident response team
• Experience as a DevOps and/or DevSecOps engineer
• Excellent leadership technical communication and documentation skills

Drug Free Workplace:

Boeing is a Drug Free Workplace where post offer applicants and employees are subject to testing for marijuana cocaine opioids amphetamines PCP and alcohol when criteria is met as outlined in our policies.

Pay & Benefits:

At Boeing we strive to deliver a Total Rewards package that will attract engage and retain the top talent. Elements of the Total Rewards package include competitive base pay and variable compensation opportunities.

The Boeing Company also provides eligible employees with an opportunity to enroll in a variety of benefit programs generally including health insurance flexible spending accounts health savings accounts retirement savings plans life and disability insurance programs and a number of programs that provide for both paid and unpaid time away from work.

The specific programs and options available to any given employee may vary depending on eligibility factors such as geographic location date of hire and the applicability of collective bargaining agreements.

Pay is based upon candidate experience and qualifications as well as market and business considerations.

Summary Pay Range:

• Associate (Level 2): $98600 - $133400
• Experienced (Level 3): $146200 - $197800

Language Requirements:

Education:

Relocation:

Export Control Requirement:

Safety Sensitive:

Security Clearance:

Visa Sponsorship:

Contingent Upon Award Program

Shift:

Stay safe from recruitment fraud! The only way to apply for a position at Boeing is via our Careers website. Learn how to protect yourself from recruitment fraud - Recruitment Fraud Warning