Product Security Engineer (Phantom Works)

Company: BOEING
Location: Florissant
Posted on: February 15, 2021

Job Description:

Boeing Phantom Works is seeking an innovative Product Security Engineer to join our growing Boeing Product Security Organization. The successful candidate will be responsible for applying an interdisciplinary, collaborative approach in leading a team that will plan, design, develop, validate and verify life-cycle balanced system security engineering solutions. The Product Security Engineer role requires the engineer to work closely with a variety of engineering and non-engineering disciplines, to include Mission Systems Engineering, Systems Engineering, Information Security, Government Computing Security, Supplier Management and Program Office technical/management staff to ensure the relevance of architecture and system designs in implementing cybersecurity engineering requirements.

You will be a part of Boeing's Product Security Organization, which is a growing multi-disciplinary engineering organization that is responsible for the security and resiliency of Boeing's products, platforms, and services. You will have multiple responsibilities across the life-cycle of Phantom Works programs and products, including the design and development of next generation systems. You will have the opportunity to shape and influence Product Security Engineering in Phantom Works, and engage with Boeing's Enterprise Product Security community.

Position Responsibilities:

Leads a team that performs cyber and systems security engineering of products and non-IT networks, perform threat and risk assessment as part of a cyber-maturation process that establishes threat surfaces and mitigations to maximize resiliency and minimize vulnerability


Leads the evaluation of customer/operational needs to define and coordinate system performance requirements, integrate technical parameters and assure compatibility of all physical, functional and program interfaces.


Leads analysis to optimize total system of systems and/or system architecture.


Develops, maintains and identifies improvements for the planning, organization, implementation and monitoring of the requirements management processes.


Resolves cross-functional technical issues.


Leads a team that will identify assets and assess risks, threats, and vulnerabilities of the product in accordance with accepted industry, professional, and government standards to ensure secure design while enabling integrity, availability, confidentiality, and non-repudiation of system functions and data, and contract compliance


Evaluates remediation recommendations and develops a cost to mitigate estimate.


Lead a team that employs system security processes, methods, and tools, and assures their consistent application.


Implements appropriate security controls and requirements per JSIG, DoD and ICD 503 RMF, NISPOM, or DoD Overprint to the NISPOM as required by customers


Coordinates with system administrators, network and software engineers, test and validation engineers and program management on security related activities and requirements.


Travel (up to 25%) will be required for meetings with customers, internal meetings, etc.



This position requires an active Secret U.S. Security Clearance. (A U.S. Security Clearance that has been active in the past 24 months is considered active.)

Basic Qualifications (Required Skills/Experience):

Technical Bachelor's, Master's or a PhD degree (technical degree is defined as any four year degree, or greater, in a mathematics, scientific or information technology field of study)


Experience with Risk Management Framework (RMF) or Cyber Security Framework (CSF)


Experience leading a dynamic cyber security team and working across engineering and non-engineering disciplines



Preferred Qualifications (Desired Skills/Experience):

Experience in leading system and component level cyber test and evaluation, including threat and security assessments, and table top exercises


Experience leading software assurance planning and assessments, including static and dynamic code analysis


Experience in supporting or performing cyber threat intelligence analysis


CISSP certification


Security + certification



Typical Education/Experience:

Education/experience typically acquired through advanced technical education from an accredited course of study in engineering, computer science, mathematics, physics or chemistry (e.g. Bachelor) and typically 9 or more years' related work experience or an equivalent combination of technical education and experience (e.g. PhD+4 years' related work experience, Master+7 years' related work experience). In the USA, ABET accreditation is the preferred, although not required, accreditation standard.

Relocation:
This position offers relocation based on candidate eligibility. Basic relocation is available for internal candidates.

Drug Free Workplace:
Boeing is a Drug Free Workplace where post offer applicants and employees are subject to testing for marijuana, cocaine, opioids, amphetamines, PCP, and alcohol when criteria is met as outlined in our policies.

Keywords: BOEING, Florissant , Product Security Engineer (Phantom Works), Engineering , Florissant, Missouri