Cloud Security Architect

Job Description

At Boeing, we innovate and collaborate to make the world a better place. From the seabed to outer space, you can contribute to work that matters with a company where diversity, equity and inclusion are shared values. We’re committed to fostering an environment for every teammate that’s welcoming, respectful and inclusive, with great opportunity for professional growth. Find your future with us.

The Boeing Linux team is responsible for creating the next generation of real time embedded operating systems to serve our military and civil aviation needs. Boeing Product Security Engineering is looking for a Senior Linux Security Engineer – Level 4 to lead a team of software and cybersecurity professionals in developing a secure variant of the Yocto Linux operating system for use in Boeing platforms, and test environments, as well as open source applications across our industry. This position will guide the adoption of secure architectures and practices as the Operating System is designed, implemented, and operated. The Selected Engineer will be responsible to define the security functional requirements and the design assurance approach to the security objectives for the project. The SE will also have a pivotal role post-release by monitoring for relevant vulnerabilities and making frequent updates to our fleets.  

This position can sit out of Berkeley MO, Arlington TX, Charleston SC, Colorado Springs CO, Huntington Beach CA, Huntsville AL, Mesa AZ, Oklahoma City OK, or Philadelphia PA.

Position Responsibilities:

As an integral member of the team, you will be:

  • Active in identifying threat vectors for our systems

  • Active in designing architecture and solutions to address these threats

  • Driving a team backlog to implement these solutions

  • Engaged with customers to identify specific and minimum requirements to satisfy FAA and DoD security governance

  • A Key Contributor to solution vision and requirements

  • Subject Matter Expert in Linux Security

  • Performing daily work in an AWS DevSecOps software factory

  • Leading the identification and development of necessary software certification artifact documents

  • Implementing and upholding security policies, processes, and procedures across the engineering team

  • Applying security and software assurance best practices for the integration of security into the software development lifecycle and automating and enforcing those checks in pipelines

  • Performing vulnerability management of risks, threats, and vulnerabilities

  • Develop Trusted Security Functions, libraries to support cryptography, access controls and privilege processing

  • Experience with security tools, for example software composition analysis/software bill of materials, or vulnerability scanning

  • Experience in the development of trusted computing (e.g. NIAP/Common Criteria General OS Protection Profile)

  • Experience with security infrastructure, product and cybersecurity systems analysis, design, development, and testing

This position allows telecommuting with travel within the US. The selected candidate will be required to perform some work onsite at one of the listed location options.

This position requires the ability to obtain a U.S. Security Clearance for which the U.S. Government requires U.S. Citizenship. An interim and/or final U.S. Secret clearance Post Start is required.

Basic Qualifications (Required Skills and Experience):

  • Bachelor, Master or Doctorate of Science degree from an accredited course of study, in engineering, computer science, mathematics, physics or chemistry

  • Experience developing custom device drivers and kernel modules for the Linux operating system

  • Experience leading or managing engineering teams

  • Experience with security threat modeling tools and processes

  • Experience as an agile software development team lead

Preferred Qualifications/Desired Skills (Desired Skills/Experience):

  • Understanding of the cybersecurity standards and practices defined within DO-178C, NIST 800-171 and 800-53, or Cybersecurity Maturity Model Certification (CMMC) domains

  • Experience with separation kernels, NEAT principle and semi-formal to fully-formal methods of proving isolatio

  • Experience with DevSecOps principles and tools, for example, CI/CD, IaC, CaC, SaC, Gitlab, Terraform, Ansible, Kubernetes, Docker

  • Experience working in a cloud environment

  • Experience with Real Time Embedded Operating Systems

  • Experience in the aerospace and defense industry

  • Training or Certifications including CISSP, CSSLP, Security +, Cloud +, Certified Cloud Security Professional (CCSP), AWS certifications, or equivalent

Typical Education/Experience: Education/experience typically acquired through advanced technical education from an accredited course of study in engineering, computer science, mathematics, physics or chemistry (e.g. Bachelor) and typically 9 or more years’ related work experience or an equivalent combination of technical education and experience (e.g. PhD+4 years’ related work experience, Master+7 years’ related work experience). In the USA, ABET accreditation is the preferred, although not required, accreditation standard.

Relocation: This position offers relocation based on candidate eligibility.

 

Boeing is a Drug Free Workplace where post offer applicants and employees are subject to testing for marijuana, cocaine, opioids, amphetamines, PCP, and alcohol when criteria is met as outlined in our policies.

Shift Work Statement: This position is for 1st shift.

  

At Boeing, we strive to deliver a Total Rewards package that will attract, engage and retain the top talent.  Elements of the Total Rewards package include competitive base pay and variable compensation opportunities.  The Boeing Company also provides eligible employees with an opportunity to enroll in a variety of benefit programs, generally including health insurance, flexible spending accounts, health savings accounts, retirement savings plans, life and disability insurance programs, and a number of programs that provide for both paid and unpaid time away from work.  The specific programs and options available to any given employee may vary depending on eligibility factors such as geographic location, date of hire, and the applicability of collective bargaining agreements. Please note that the salary information shown below is a general guideline only.  Salaries are based upon candidate experience and qualifications, as well as market and business considerations.  

Summary pay range for Senior: $138,000 – $197,000

Export Control Requirements: U.S. Government Export Control Status: This position must meet export control compliance requirements. To meet export control compliance requirements, a “U.S. Person” as defined by 22 C.F.R. §120.15 is required. “U.S. Person” includes U.S. Citizen, lawful permanent resident, refugee, or asylee.

Export Control Details: US based job, US Person required

Equal Opportunity Employer:

Boeing is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national origin, gender, sexual orientation, gender identity, age, physical or mental disability, genetic factors, military/veteran status or other characteristics protected by law.

Related Post

Electrical EngineerElectrical Engineer

AECOM is seeking an Electrical Engineer based in San Francisco or Oakland, California.At AECOM, we’re delivering a better world.We believe infrastructure creates opportunity for everyone. Whether it’s improving your commute,