Job Specifications
Job Description
At Boeing, we innovate and collaborate to make the world a better place. We’re committed to fostering an environment for every teammate that’s welcoming, respectful and inclusive, with great opportunity for professional growth. Find your future with us.
Overview:
The Boeing Defense, Space, and Security (BDS) Engineering division is looking for a Product Security Engineer to join a team in Albuquerque, NM.
At Boeing, we are all innovators on a mission to connect, protect, explore and inspire. From the seabed to outer space, you’ll learn and grow, contributing to work that shapes the world. Find your future with us!
Position Responsibilities:
Develop, implement, and sustain product security and resiliency throughout the requirements, design, build, test, production, operations, and support lifecycle.
Develop and enhance system requirements and architectures for product security to meet all applicable certification and customer requirements.
Ensure security of facilities, equipment, tools, data, networks, and resources used for product: design, development, build, test, storage, delivery, operations, and support.
Define and identify product security requirements for suppliers of components and subsystems for integration into Boeing products and services.
Coordinate with government, customers, suppliers, and industry to identify risks and improve industry and regulatory security standards and requirements for programs and interfacing systems.
Conduct research and development activities that result in innovative solutions.
Advise customers on maintaining product security and certification, including security consequences of modifying products and services.
This position requires an active U.S. Top Secret Security Clearance (U.S. Citizenship Required). (A U.S. Security Clearance that has been active in the past 24 months is considered active)
Basic Qualifications:
Bachelor of Science degree in Engineering, Engineering Technology (including Manufacturing Technology), Computer Science, Data Science, Mathematics, Physics, Chemistry or non-US equivalent qualifications directly related to the work statement, and 10 to 15 years of relevant work experience.
Skills and abilities to: collect, organize, synthesize, and analyze data; summarize findings; develop conclusions and recommendations from appropriate data sources. Develop and support security developmental and operational test planning & execution.
Engineering-focused experience in incident response, designing and implementing technical controls and workflows to detect, contain, and remediate cyber incidents while preserving forensic integrity.
Ability to identify susceptibility, survivability, and vulnerability (S/V) of the systems, subsystems and delivery mechanisms, based on the knowledge of characteristics and capabilities of threats (e.g. protocol exploits, identity spoofing, malware injection techniques, application layer vulnerabilities).
Knowledge of emerging computing and information technology areas to manage advanced research computing technology proposals, projects and resources.
Knowledge of system security domains (e.g., information assurance, anti-tamper, intrusion detection, software protection, software assurance, communications security, encryption and key management, network security, reverse engineering, countermeasures, certification and accreditation, special security endorsement) and industry and government guidance and regulations which engineers apply to produce secure systems. Experience with performing system security engineering activities that follow NIST 800-160. Strong understanding of secure network architecture and design
Experienced in engineering requirements decomposition. Demonstrated expertise in implementing and maintaining DoD security policies and regulations, including threat & risk assessments, accreditation processes, and continuous monitoring to ensure mission assurance and compliance
Knowledge and understanding of the methodology and processes associated with risk management, conducting trade studies including cost as an independent variable (CAIV) trade. Ability to: identify and quantify potential risks areas within specific (depth) and across multiple engineering disciplines (breadth); understand design constraints (technical, cost & schedule); identify and trade alternatives (i.e., trade studies); select/recommend the best plan for mitigating risks; implement and execute plans for mitigating risk; and establish appropriate performance tracking metrics to track risk burndown over time.
Ability to effectively utilize risk management tools (iso-risk charts/plots, waterfall, etc.) to support program/project execution.
Demonstrated systems-thinking to analyze complex technical and organizational interactions, identify root causes, and design scalable, resilient solutions across hardware, software, and process domains.
Preferred Qualifications:
Knowledgeable in applying Multi-Level Security (MLS)