Software Security Engineer

The Boeing Company is looking for a Software Security Engineer to join the Enterprise Product Security Software organization in Seattle, WA or Everett, WA, to support Secure Coding, Certification, and Software Assurance across various programs in Boeing Commercial Airplanes (BCA); Boeing Defense, Space, and Security (BDS); and Boeing Global Services (BGS).

Our teams are currently hiring for a broad range of experience levels including Senior (Level 4) or Senior (Level 5) Software Safety Engineers.

Do you speak fluent threat model and dream in secure defaults? Do you find joy in turning complex security practices into crisp, testable requirements? If so, join our team as a Product Security Engineer focused on requirements based on software assurance best practices.

The successful candidate will shape the way products are built securely, from conception to fielded systems. This position will influence frameworks, tools, and Boeing's security culture.

As a member of the Enterprise Product Security Software organization, you will have support from security experts across all business units, and exposure to a large variety of products and services. With a focus on Software Security, you will be accountable for the security of software products and pipelines across the world's leading portfolio of commercial and defense airplanes, satellites and weapons.

Level 4 Position Responsibilities:

• Partner with the Software Engineering organization and cross-functional stakeholders to drive and deploy software security requirements across Boeing commercial programs
• Liaison with Boeing commercial programs for enterprise software assurance initiatives
• Design and assess system, software, and product architectures for security risks and alignment with industry and Boeing software assurance principles and practices
• Participate in Technical Design Reviews, representing enterprise software assurance
• Define and deploy software assurance policy, standards, processes, and recommendations across the Software Development Lifecycle in accordance with Boeing strategy, industry, and government standards
• Engage with industry and regulatory bodies to influence updates to regulation, frameworks, and standards
• Manage risk in accordance with accepted industry, professional, and government standards to ensure security design integrity, availability, confidentiality, and regulatory compliance
• Develop security requirements and coordinate with multiple system stakeholders to identify, properly implement, and verify security measures to mitigate risks, threats, and vulnerabilities
• Identify improvements to ensure software implementation is aligned to industry and Boeing software assurance best practices
• Apply Practical knowledge of software assurance concepts (secure design principles, OWASP, SAST/DAST, SBOMs, supply chain considerations, etc.)

Level 5 Position Responsibilities:

• Own partnership with the Software Engineering organization and cross-functional stakeholders to drive and deploy software security requirements across Boeing commercial programs
• Drive enterprise software assurance initiatives within Boeing commercial programs
• Design and assess system, software, and product architectures for security risks and alignment with industry and Boeing software assurance principles and practices
• Represent enterprise software assurance in Technical Design Reviews
• Own definition and implementation of software assurance policy, standards, processes, and recommendations across the commercial Software Development Lifecycle in accordance with Boeing strategy, industry, and government standards
• Represent Boeing in industry and regulatory forums, influence standards and regulatory adoption.
• Advise senior executives on portfolio-wide risk to ensure security design integrity, availability, confidentiality, and regulatory compliance
• Oversee and develop baseline security requirements for commercial platforms.
• Own implementation of software security requirements to key programs within the commercial portfolio.
• Identify improvements to ensure software implementation is aligned to industry and Boeing software assurance best practices
• Apply practical knowledge of software assurance concepts (secure design principles, OWASP, SAST/DAST, SBOMs, supply chain considerations, etc.)

• Bachelor of Science degree in Engineering, Engineering Technology (including Manufacturing Technology), Computer Science, Data Science, Mathematics, Physics, Chemistry or non-US equivalent qualifications directly related to the work statement
• 9+ years of related work experience or an equivalent combination of education and experience
• 5+ years of experience in a role that required teaming and collaboration skills, and ability to work well with a geographically dispersed cross-functional and matrix team
• Experience managing and/or leading security design and architecture
• 9+ years of experience factoring and applying confidentiality, integrity, and availability considerations in all phases of the system development lifecycle
• Experience with the Software Development Lifecycle (SDLC)
• Experience with DevSecOps and Continuous Integration and Continuous Deployment (CI/CD) tools and execution, * Senior (Level 5): 14+ years related work experience or an equivalent combination of education and experience
• Experience with aerospace/aviation software requirements, design, and design analysis
• Experience with system security engineering or systems engineering, Bachelor's Degree or Equivalent

Boeing is a Drug Free Workplace where post offer applicants and employees are subject to testing for marijuana, cocaine, opioids, amphetamines, PCP, and alcohol when criteria is met as outlined in our policies.

Pay & Benefits:

At Boeing, we strive to deliver a Total Rewards package that will attract, engage and retain the top talent. Elements of the Total Rewards package include competitive base pay and variable compensation opportunities.

The Boeing Company also provides eligible employees with an opportunity to enroll in a variety of benefit programs, generally including health insurance, flexible spending accounts, health savings accounts, retirement savings plans, life and disability insurance programs, and a number of programs that provide for both paid and unpaid time away from work.

The specific programs and options available to any given employee may vary depending on eligibility factors such as geographic location, date of hire, and the applicability of collective bargaining agreements.

Pay is based upon candidate experience and qualifications, as well as market and business considerations.

Summary Pay Range:

• Senior (Level 4): $173,400 - $234,600
• Senior (Level 5): $218,450 - $295,550