Skip to main content
Similar jobs pay
$35.83 - $66.32
Full-time, Part-time
Ashburn, VA 20147
Updated 6 days ago

Job Description

At Boeing, we innovate and collaborate to make the world a better place. From the seabed to outer space, you can contribute to work that matters with a company where diversity, equity and inclusion are shared values. We’re committed to fostering an environment for every teammate that’s welcoming, respectful and inclusive, with great opportunity for professional growth. Find your future with us.

The Boeing Enterprise Product Security Engineering (PSE) Functional Office is seeking an experienced and highly motivated Product Security Engineer to join our team as the engineering leader, accountable to the Director, Enterprise PSE to establish and execute an enterprise PSE Incident Response and Vulnerability Management (IR and VM) program and team. This IR and VM position will partner closely with other business, engineering and cybersecurity partners to implement and institutionalize this critical function. In this role, you will be responsible for the strategy, direction, and coordinated execution with Enterprise partners to achieve an efficient, scalable, standardized and institutionalized IR and VM program.  IR and VM is part of a holistic security strategy, where PSE is responsible for ensuring that our products and services are safe, cyber-secure, and resilient.

Due to the nature of our diverse portfolio of products and services, this position will have responsibility over a wide-range of technologies and concerns, complex supply chains, and domestic and international equities. As such, this position requires a firm understanding and experience in software, systems and other engineering with depth of Product Security experience to effectively plan, lead, and perform IR and VM activity. This role will partner closely with the PSE Technical Excellence and Design Practice team and Business Architecture and Engineering teams to ensure the standardization and institutionalization of activity across the complete lifecycle of our business.

Position Responsibilities:

  • Enterprise engineering technical leader, working across the enterprise functional office, and partner organizations to establish and execute enterprise PSE IR and VM program for our products, platforms, programs, and services
  • Standardize and maintain an institutionalized IR and VM program, tooling, and rigor, across all partners
  • Partner in development and maturation of standard Boeing practices of IR and VM, and adjacent practices such as adversity and risk analysis and supplier management
  • Organize, stand-up and execute IR and VM teams, proactively and in response to specific concerns with a multi-discipline team of cross-enterprise partners
  • Identifying and implementing technical solutions that drive velocity, completeness, and accuracy of IR and VM activity
  • Cultivate a multi-discipline and enterprise wide IR and VM team, to draw upon for specific concerns
  • Break through barriers of understanding, and prioritize actions to identify, assess, mitigate and respond, recover, and communicate
  • Enterprise Product Security technical SME for IR and VM, representing concerns and providing direction and resolution

This role will leverage critical experience in software, systems, Product Security and cybersecurity engineering, supply chain, and analytic understanding and experience across a multitude of domains and environments. Strong technical leadership experience coupled with the ability to standardize and remove barriers through collaborative planning will be crucial for long term success. Candidates will highlight their experience working in team environments, managing the interrelationships of teams through emotional intelligence insights, and communicating difficult technical concepts to audiences with varying levels of experience and expertise. They are also highly motivated and exhibit strong written and verbal communication, inter-personal, and problem-solving skills, as well as the ability to work effectively in a multi-disciplinary project and environment.

Technical and Operational Skills and Experience

The successful candidate must understand and possess demonstrable skills and experience, including:

  • Developing, delivering, and supporting products and systems as an engineer
  • Performing system security analysis, adversity (threat) and risk analysis, and mitigation for various products, systems, software, and environments
  • Researching emerging trends, threats, and concerns for implication to products, systems, software, and environments
  • Researching emerging methods and mitigations to threats and concerns for products, systems, software, and environments
  • Translating technical concerns for coordination, decision making, and taking action with different disciplines and partners including business, supply chain, information technology, and engineering
  • Planning, executing, and leading the performance of a multi-discipline team
  • Applying cybersecurity standards and methods, including Cyber Security Framework and Risk Management Framework to a product for security and resiliency, and compliance outcomes

Other Skills and Experience

The successful candidate is preferred to understand and possess demonstrable skills and experience, including:

  • Product Security, cybersecurity, product safety, physical security, or anti-tamper related engineering and design
  • Software development, preferably across the lifecycle of software design, development, test, and delivery with proven experience in delivering technical capabilities
  • Development or integration of tools to support engineering activities, information sharing, and coordinated prioritization and execution
  • Systems and/or software engineering activities, including:
    • Development of Architecture, Requirements, Concepts of Operations, and Use Cases
    • Development of Hardware and Software products
    • Integration and Unit Test
    • Verification and Validation
    • Testing, including Acceptance and Fielding Tests
  • Use of Model Based Engineering tools, such as CAMEO, and the application of relevant markup languages such as UML and SysML
  • Using Development – Security – Operations (DevSecOps) relevant tools and methodologies
  • Supplier management and supply chain risk management
  • Mentoring and advising junior engineers to develop technical and project management skills

The ideal candidate will have a demonstrated history of performance and delivery in systems or software engineering, and experience throughout the course of the engineering lifecycle.  The ideal candidate will have demonstrated history and experience in strategic thinking, project planning and execution, influencing and organizing multi-discipline teams, and working with a variety of customers. Successful candidates are highly motivated and exhibit strong written and verbal communication, inter-personal, and problem solving skills, as well as the ability to work independently and effectively with external customers and subcontractors in a multi-site and multi-discipline program and environment.

It will be beneficial for the candidate to have an understanding and a working knowledge of various standards, including: DFARS Clause 252.204-7012, CNSSI 1253, DOD 8570, NIST 800-160, NIST 800-53 (and 53A), NIST 800-30, NIST 800-171, NIST 800-55, NIST 800-137, NIST 800-39.

This position allows telecommuting. The selected candidate will be required to perform some work onsite at one of the listed location options.

This position requires the ability to obtain a U.S. Security Clearance for which the U.S. Government requires U.S. Citizenship.

Basic Qualifications (Required Skill/Experience): 

  • Bachelor's, Master's or Doctorate of Science degree from an accredited course of study, in engineering, computer science, mathematics, physics or chemistry
  • Experience developing, delivering, and supporting products and systems as an engineer
  • Experience participating Incident Response and/or Vulnerability Management activities, including planning, assessment, and mitigation

Preferred Qualifications (Desired Skills/Experience):

  • Active US Security clearance
  • Experience with Product Security, cybersecurity, product safety, physical security, or anti-tamper related engineering and design
  • Software development across the lifecycle of software design, development, test, and delivery with proven experience in delivering technical capabilities
  • Using Development – Security – Operations (DevSecOps) relevant tools and methodologies
  • Experience leading Incident Response and/or Vulnerability Management activities

Typical Education/Experience: Education/experience typically acquired through advanced technical education from an accredited course of study in engineering, computer science, mathematics, physics or chemistry (e.g. Bachelor) and typically 9 or more years' related work experience or an equivalent combination of technical education and experience (e.g. PhD+4 years' related work experience, Master+7 years' related work experience). In the USA, ABET accreditation is the preferred, although not required, accreditation standard

Relocation: This position offers relocation based on candidate eligibility

Boeing is a Drug Free Workplace where post offer applicants and employees are subject to testing for marijuana, cocaine, opioids, amphetamines, PCP, and alcohol when criteria is met as outlined in our policies.

Shift: This position is for first shift


Vaccination Requirements:

Boeing is implementing new requirements for employees to be fully vaccinated from COVID-19 or have an approved reasonable accommodation based on local legislation in several countries. Please refer here for current vaccination and/or reasonable accommodation requirements, and timelines based on location.


Equal Opportunity Employer:

Boeing is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national origin, gender, sexual orientation, gender identity, age, physical or mental disability, genetic factors, military/veteran status or other characteristics protected by law.

Posting ID: 702496249 Posted: 2022-01-14 Job Title: Lead Incident Response Vulnerability