Next Generation Interceptor (NGI), Experienced Product Cyber Security Analysis and Engineering

Job Description

At Boeing, we innovate and collaborate to make the world a better place. From the seabed to outer space, you can contribute to work that matters with a company where diversity, equity and inclusion are shared values. We’re committed to fostering an environment for every teammate that’s welcoming, respectful and inclusive, with great opportunity for professional growth. Find your future with us.

The Missile and Weapon Systems (MWS) Product Security Engineering Capability is seeking experienced Product Cyber Security Analysis and Engineering candidates for the Next Generation Interceptor (NGI) program anticipated to be awarded this year. The MWS Product Security team is responsible for the security, resiliency, and safety of MWS products and services. This team is developing industry-leading software, hardware, and systems solutions. There are multiple positions available with responsibilities including cyber and systems security analysis, system security engineering, program protection, and software security and assurance.

Successful candidates will highlight a breadth and depth of experience in working in team environments, supporting complex system development, integration and test. These systems cover information technology, as well as embedded systems, communications, and other non-IT elements that would be found in an NGI type of product.

These positions and roles include the following experiences and primary responsibilities:

• Cyber and Systems Security Analysis Role:

  • Perform incremental adversity and threat analysis

  • Perform and support continuing criticality analysis

  • Apply systematic, functional and fact based analysis techniques and tools throughout life-cycle of product and maturation

  • Perform incremental analysis of systems, components, and suppliers for risks, vulnerabilities, and threats

  • Perform collaborative design & development with responsible engineers for traceable mitigations, including design constraints and concepts to minimize risk and vulnerability and increase NGI resiliency and assurance

  • Perform collaborative incremental verification and testing to assess mitigation and design elements

• System Security Engineering and Program Protection Role:

  • Support cyber threat intelligence activities

  • Support cyber risk assessments and the development of risk mitigation plans

  • Support Supply Chain Risk Management in partnership with responsible engineers and supplier management

  • Support and perform incident response and mitigation

  • Support and facilitate various Authority to Operate (ATO) packages including processing Information Assurance Vulnerability Management (IAVM) related concerns

  • Develop, implement, and mature Program Protection plans and associated appendices, and other classified plans

  • Support Anti-Tamper planning and related activities as part of overarching Program Protection

  • Support engineering teams in analysis of patches and various system updates and upgrades to determine system consequence of these changes

  • Prepare and execute to Risk Management Framework (RMF) compliance plans including Control Correlation Identifier (CCI) consideration, and creation of necessary compliance documentation

  • Support the Program with cyber guidance and expertise related to program performance and execution

  • Support the development and maintenance of cyber scanning, patching, remediation, tools and applications

  • Support engineering teams in performance of TEMPEST, DFARS, COMSEC, CNSSI, and other compliance drivers, as needed

• Software Security and Assurance Role:

  • Partner with and fully integrate with the NGI software development SCRUM team

  • Participate fully in Agile planning and execution

  • Perform cyber and software/architecture analysis throughout the maturation of the design following the responsibilities of the Cyber and Systems Security Analysis Role

  • Utilize the Boeing NGI SW Factory DevSecOps security analysis tools, and tests and artifacts to assess and verify security measures, quality, and integrity

  • Support development and utilization of Secure Coding standards

  • Review and analyze software codebase, to include C/C++, algorithms, and standards

  • Perform early and incremental development and test utilizing virtualized / emulated elements and systems / code under test

All Product Security engineering will be performed within a robust and integrated Model Based Systems Engineering (MBSE) environment and Software Factory implementing a comprehensive Development – Security – Operations (DevSecOps) life-cycle. Product Security related artifacts including analysis products, design decisions, derived requirements, features, and test related materials will be maintained through the MBSE and DevSecOps tool chains. Experience in these tools is highly valued, though not required.

In addition to the specific program responsibilities of NGI, the successful candidates will be joining the growing MWS Product Security Engineering Capability. You will be joining a team of advanced security engineers from across the Boeing Enterprise, that are jointly developing best practices, techniques and tools, and a community to draw upon to deliver best value to our customers.

THIS PROGRAM IS CONTINGENT UPON Next Generation Interceptor (NGI) AWARD.

This position requires an active Secret U.S. Security Clearance. (A U.S. Security Clearance that has been active in the past 24 months is considered active.)

Basic Qualifications (Required Skills/Experience):

• Bachelor's degree (or foreign equivalent) in Computer Science, Computer Engineering, Engineering or related discipline

• 5+ years of education and/or work experience in Cyber Security

Preferred Qualifications (Desired Skills/Experience):

The successful candidates should possess a substantial understanding and experience in complex non-IT Product and Cybersecurity systems analysis, design, development, and testing. Successful candidates will be working daily in MBSE and DevSecOps related environments and tools in the performance of their efforts, and should possess at least some professional experience in those environments, and methodologies.

• IAM Level 2 (or higher) DoD 8570 Certification for roles, except for SSE and Incident Response related role, which requires DOD 8570 IAT – Level III (CISSP or equivalent)

• MS in related fields, or specialties including Cybersecurity are desired, with 7 or more years of professional experience

• A strong command of requirements definition, subsystem allocation, and integration testing is required, and knowledge of avionics and embedded computing and communications systems

• Highly motivated and exhibit strong written and verbal communication, inter-personal, and problem solving skills, as well as the ability to work independently and effectively with external customers and subcontractors in a multi-discipline program and environment

• Demonstrated history of strong performance in systems, electrical or computer engineering, or related fields, operating through the full engineering lifecycle of a product

• Understanding and experience in engineering, including:

  • Requirements, Concepts of Operations, and Use Cases

  • Development of Hardware and Software products

  • Integration and Unit Test

  • Verification and Validation

  • Testing, including Acceptance and Fielding Tests

• Understanding and knowledge of the Ballistic Missile Defense System (BMDS) and mission

• Understanding and knowledge of platforms and embedded systems, such as those found in missiles and aircraft

• Ability to analyze high level needs; following a structured and logical approach refine the into an evolving minimum viable product (MVP) that leads to a final fielded product

• Ability to factor and communicate confidentiality, integrity and availability considerations in all phases of system development lifecycle

• The ability to understand and decompose requirements to support implementation, verification and validation testing of software and hardware components

• Experience with Cameo (SysML, UML), JIRA, Confluence, Bitbucket, Artifactory, Aqua, SonarQube, Coverity, and other design, development and collaboration tools

Typical Education/Experience:

Education/experience typically acquired through advanced technical education from an accredited course of study in engineering, computer science, mathematics, physics or chemistry (e.g. Bachelor) and typically 9 or more years' related work experience or an equivalent combination of technical education and experience (e.g. PhD+4 years' related work experience, Master+7 years' related work experience). In the USA, ABET accreditation is the preferred, although not required, accreditation standard.

Relocation:

This position offers relocation based on candidate eligibility.

Drug Free Workplace (DFW):

Boeing is a Drug Free Workplace where post offer applicants and employees are subject to testing for marijuana, cocaine, opioids, amphetamines, PCP, and alcohol when criteria is met as outlined in our policies.

Experience Level
Individual Contributor
Contingent Upon Program Award
Yes, this position is contingent upon program award

Schedule
Full time

Boeing is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national origin, gender, sexual orientation, gender identity, age, physical or mental disability, genetic factors, military/veteran status or other characteristics protected by law.