Apply on Employer Site

Boeing · 2 days ago

Offensive Cybersecurity Test Engineer (Associate, Experienced, or Lead)

Berkeley, MO

Full-time

Onsite

Entry, Mid, Senior Level

$99K/yr - $133K/yr

3+ years exp

Boeing is a company committed to innovation and collaboration, seeking Offensive Cybersecurity Test Engineers to support their Test & Evaluation cyber test capability. The role involves executing penetration tests, conducting risk assessments, and developing cyber test plans to enhance the security of the Boeing Defense Space & Security portfolio.

AerospaceIndustrial

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Execute penetration tests to identify, exploit, and assess a target system’s vulnerabilities in a threat-representative manner on embedded systems and IP-based networks

Implement test campaigns aligned with the DoD Cybersecurity T&E best practices

Conduct Mission Based Cyber Risk Assessments (MBCRAs) and Cyber Table Tops (CTTs)

Define cyber test plans and schedules for complex architectures and translate to actionable tasks

Perform event planning in coordination with multiple stakeholders

Provide team leadership, direction, and coordination resulting in test readiness

Align technical test findings to stakeholder objectives and map attack surface coverage

Coordinate prioritization and completion of test cases in accordance with the test plan

Complete post-test reporting as a part of the test team

Represent Product Security T&E in engagements with Boeing, suppliers and customer leadership

Develop and mature Product Security T&E processes, best practices, and solutions

Occasional domestic and international travel as needed

Qualification

Penetration TestingCybersecurity Risk AssessmentProduct SecurityDoD Cybersecurity PracticesSystem ArchitectureCybersecurity Compliance FrameworksStakeholder EngagementEvent PlanningTeam LeadershipCommunication Skills

Required

Bachelor of Science degree from an accredited course of study in engineering, engineering technology (includes manufacturing engineering technology), chemistry, physics, mathematics, data science, or computer science

3+ years of experience directing and executing projects in accordance with stakeholder objectives and schedules

1+ years of experience working with Department of Defense (DoD) organizations, projects and/or programs

1+ years of experience in product security, cybersecurity research, or a related field

1+ years of experience planning and executing penetration testing of either IT based systems or Avionics embedded systems

Experience in system and software architectures

Able to travel both domestically and internationally

This position must meet U.S. export control compliance requirements. To meet U.S. export control compliance requirements, a 'U.S. Person' as defined by 22 C.F.R. 120.62 is required. 'U.S. Person' includes U.S. Citizen, U.S. National, lawful permanent resident, refugee, or asylee

This position requires an active U.S. Secret Security Clearance (U.S. Citizenship Required). (A U.S. Security Clearance that has been active in the past 24 months is considered active)

Preferred

Level 3: 3 or more years' related work experience or an equivalent combination of education and experience

Level 4: 5 or more years' related work experience or an equivalent combination of education and experience

Experience performing adversity (threat) analysis, security risk assessments, and maturing the analysis throughout the development lifecycle

Experience hosting events like Cyber Table Tops and Mission Based Cyber Risk Assessments

Experience working with stakeholders to integrate, plan and execute test events

Demonstrated ability to engage with stakeholders to define/plan/resource/deliver solutions (state years of experience)

Experience working with Product Security (non-IT) Cyber Compliance and/or Avionics Embedded systems risk management assessment

Experience supporting Cyber Table Top, Mission Based Cyber Risk Assessment, or equivalent exercises

Experience evaluating cybersecurity in one or more of the following domains: Windows, Linux, VxWorks, and INTEGRITY Operating Systems; IP-Based Networks; Avionics, Embedded Systems, Non-Standard Ethernet Protocols (ARINC, MIL-STD); or RF interfaces

Experience with cybersecurity compliance frameworks such as NIST CSF, DoD RMF, CMMC or PCI/DSS

Experience designing and/or testing product systems

Experience with program planning (cost and schedule)