Software Security Engineer (Associate or Mid-Level)Boeing • Berkeley, MO, United States

No longer accepting applications

Software Security Engineer (Associate or Mid-Level)

Boeing • Berkeley, MO, United States

1 day ago

Job type

Permanent

Temporary

Job description

Software Security Engineer (Associate or Mid-Level)

Company : The Boeing Company

The Boeing Company is looking for a Software Security Engineer to join the Enterprise Product Security Software organization in Berkeley or Hazelwood, MO , to support Secure Coding, Secure Engineering Environments, and Software Assurance across various efforts within Boeing Defense, Space, and Security (BDS). Our teams are currently hiring for a broad range of experience levels including Associate and Mid-Level Software Security Engineers.

The successful candidate will be responsible for driving the development, implementation, and sustainment of product security and resiliency throughout the engineering lifecycle, protecting our commercial and military airplanes' products and the aviation ecosystem.

As a member of the Enterprise Product Security Software organization, you will have support from security experts across all business units, and exposure to a large variety of products and services. With a focus on Software Security, you will be accountable for the security of software products and pipelines across the world's leading portfolio of commercial and defense airplanes, satellites and weapons.

Position Responsibilities :

Assess the adversity faced by software subsystems in the context of the larger system
Secure cloud-based software development environments
Manage risk in accordance with accepted industry, professional, and government standards to ensure security design integrity, availability, confidentiality, and regulatory compliance
Develop security requirements and coordinate with multiple system stakeholders to identify and properly implement and verify security measures to mitigate the risks, threats and vulnerabilities
Perform requirements verification on software security engineering products using inspection, analysis, demonstration, and test methods
Implement Secure Software distribution systems for embedded platforms
Deploy DevSecOps best practices into Program pipelines, including tool selection, configuration, and analysis
Provide technical data and develop documentation in accordance with requirements and system security engineering processes and procedures for internal reference and external delivery
Support Product Security Incident Response Team to respond to security events
Define and deploy consistent software security standards within the Software Development Lifecycle
Identify improvements to ensure software implementation is aligned to industry and Boeing software assurance best practices

A successful Associate candidate would have the following :

Technical Contributions : Apply foundational software engineering and cybersecurity knowledge to assigned tasks such as secure coding reviews, vulnerability scans, and basic requirements verification

Learning & Growth : Eagerly learn Boeing's secure development lifecycle, toolchains, and processes, seeking guidance from senior engineers and applying lessons quickly

Execution : Deliver assigned work on time and with quality, asking the right questions when encountering new tools or security challenges

Collaboration : Work effectively in small teams, contributing to shared deliverables and actively participating in design and review discussions

Problem-Solving : Identify straightforward technical issues, propose solutions, and escalate appropriately when complexity increases

A successful Mid-Level candidate would have the following :

Independence : Take ownership of moderately complex projects, completing assignments with limited oversight while adhering to security standards

Technical Depth : Analyze and mitigate security vulnerabilities in software pipelines and cloud environments; implement improvements to DevSecOps practices

Mentorship : Provide guidance and peer reviews for junior engineers, helping them adopt best practices and grow their technical skills

Cross-Functional Collaboration : Partner with systems engineers, developers, and program managers to integrate security controls into system architectures and Agile workflows

Judgment & Risk Management : Assess risk tradeoffs and recommend pragmatic solutions that balance security, cost, and performance

Process Improvement : Identify recurring issues in secure software practices and propose process / tool enhancements to increase resiliency

This position is expected to be 100% onsite. The selected candidate will be required to work onsite at one of the listed location options.

Basic Qualifications (Required Skills / Experience) :

Bachelor of Science degree from an accredited course of study in engineering, engineering technology (includes manufacturing engineering technology), chemistry, physics, mathematics, data science, or computer science

Ability to work well with a geographically dispersed cross-functional and matrix team Software Development Background, or other experience with DevSecOps CI / CD Pipelines

2+ years of work-related experience in Cybersecurity

Preferred Qualifications (Desired Skills / Experience) :

Mid-Level : 5+ years related work experience or an equivalent combination of education and experience

5+ years of work-related experience in Cybersecurity

Experience with Secure Software Distribution; Certificates; PKI; HSM; etc.

Experience with Cloud development environments, including AWS and Azure; IAM; RBAC / ABAC

Experience with Systems Security Engineering and breaking down requirements

Experience in security architectures, network security, embedded systems security, security testing and evaluation, network design, PKI infrastructure

Excellent written / oral communication skills to effectively convey cybersecurity concepts across business and technical stakeholders

Cybersecurity Certifications not limited to Security+, CISSP, CEH etc.

Knowledge of Secure Software Development Framework (NIST SP 800-218), or CISA Self-Attestation Common Form

General knowledge of DoD, NASA and FAA security requirements related to Product Security

3+ years of experience in the field of product security, anti-tamper and / or secure computing

Ability to collaborate with team members and develop execution plans for deliverables

2+ years of experience in Agile project management

Experience on a multi-disciplinary team meeting aggressive schedules

Experience scanning for vulnerabilities, implement and assess mitigations, install, administer, and troubleshoot on various operating systems

Drug Free Workplace :

Boeing is a Drug Free Workplace (DFW) where post offer applicants and employees are subject to testing for marijuana, cocaine, opioids, amphetamines, PCP, and alcohol when criteria is met as outlined in our policies.

Pay & Benefits :

At Boeing, we strive to deliver a Total Rewards package that will attract, engage and retain the top talent. Elements of the Total Rewards package include competitive base pay and variable compensation opportunities.

The Boeing Company also provides eligible employees with an opportunity to enroll in a variety of benefit programs, generally including health insurance, flexible spending accounts, health savings accounts, retirement savings plans, life and disability insurance programs, and a number of programs that provide for both paid and unpaid time away from work.

The specific programs and options available to any given employee may vary depending on eligibility factors such as geographic location, date of hire, and the applicability of collective bargaining agreements.

Pay is based upon candidate experience and qualifications, as well as market and business considerations.

Summary Pay Range (Associate level) : $91,800 - $124,200

Summary Pay Range (Mid-Level) : $112,200 - $151,800

Language Requirements :

Not Applicable

Education :

Bachelor's Degree or Equivalent

Relocation :

This position offers relocation based on candidate eligibility.

Export Control Requirement :

This position must meet export control compliance requirements. To meet export control compliance requirements, a "U.S. Person" as defined by 22 C.F.R. §120.15 is required. "U.S. Person" includes U.S. Citizen, lawful permanent resident, refugee, or asylee.

Safety Sensitive :

This is not a Safety Sensitive Position.

Security Clearance :

This position requires the ability to obtain a U.S. Security Clearance for which the U.S. Government requires U.S. Citizenship. An interim and / or final U.S. Secret Clearance Post-Start is required. This position requires ability to obtain program access, for which the U.S. Government requires U.S. Citizenship only.

Visa Sponsorship :

Employer will not sponsor applicants for employment visa status.

Contingent Upon Award Program

This position is not contingent upon program award

Shift :

Shift 1 (United States of America)

Stay safe from recruitment fraud! The only way to apply for a position at Boeing is via our Careers website. Learn how to protect yourself from recruitment fraud - Recruitment Fraud Warning

Boeing is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national origin, gender, sexual orientation, gender identity, age, physical or mental disability, genetic factors, military / veteran status or other characteristics protected by law.

EEO is the law

Boeing EEO Policy

Request an Accommodation

Applicant Privacy

Boeing Participates in E - Verify

E-Verify (English)

E-Verify (Spanish)

Right to Work Statement

Right to Work (English)

Right to Work (Spanish)

Create a job alert for this search

Software Engineer • Berkeley, MO, United States