Boeing is looking to solve the problem of ensuring software security and resiliency for their commercial airplanes' products and the aviation ecosystem by hiring a Software Security Engineer to support Secure Coding, Certification, and Software Assurance.
Requirements
- 1+ years of experience factoring and applying confidentiality, integrity and availability considerations within the software development lifecycle
- Software Development Background, or other experience with DevSecOps CI/CD Pipelines
- Experience with Systems Security Engineering and breaking down requirements
- Experience in security architectures, network security, embedded systems security, security testing and evaluation, network design, PKI infrastructure
- Knowledge of Secure Software Development Framework (NIST SP 800-218), or CISA Self-Attestation Common Form
- General knowledge of DoD, NASA and FAA security requirements related to Product Security
- Experience scanning for vulnerabilities, implement and assess mitigations, install, administer, and troubleshoot on various operating systems
Responsibilities
- Assess the adversity faced by software subsystems in the context of the larger system
- Secure cloud-based software development environments
- Manage risk in accordance with accepted industry, professional, and government standards to ensure security design integrity, availability, confidentiality, and regulatory compliance
- Develop security requirements and coordinate with multiple system stakeholders to identify and properly implement and verify security measures to mitigate the risks, threats and vulnerabilities
- Perform requirements verification on software security engineering products using inspection, analysis, demonstration, and test methods
- Perform Common Vulnerabilities and Exploits (CVE) analysis and coordinate with system stakeholders to appropriately mitigate and address to reduce likelihood and consequences of CVE impacting system operation
- Deploy DevSecOps best practices into Program pipelines, including tool selection, configuration, and analysis
Other
- 2+ years of experience in a role that required teaming and collaboration skills, and ability to work well with a geographically dispersed cross-functional and matrix team
- Excellent written/oral communication skills to effectively convey cybersecurity concepts across business and technical stakeholders
- Ability to collaborate with team members and develop execution plans for deliverables
- 2+ years of experience in Agile project management
- This position requires the ability to obtain a U.S. Security Clearance for which the U.S. Government requires U.S. Citizenship. An interim and/or final U.S. Secret Clearance Post-Start is required.
