Software Security Engineer (Associate or Mid Level)

Job description

**Job Description**

At Boeing, we innovate and collaborate to make the world a better place.

We’re committed to fostering an environment for every teammate that’s welcoming, respectful and inclusive, with great opportunity for professional growth.

Find your future with us.

The Boeing Company is looking for a **Software Security Engineer** to join the Enterprise Product Security Software organization in **Berkeley or Hazelwood, MO** , to support Secure Coding, Secure Engineering Environments, and Software Assurance across various efforts within Boeing Defense, Space, and Security (BDS).

Our teams are currently hiring for a broad range of experience levels including Associate and Mid-Level Software Security Engineers.

The successful candidate will be responsible for driving the development, implementation, and sustainment of product security and resiliency throughout the engineering lifecycle, protecting our commercial and military airplanes’ products and the aviation ecosystem.

As a member of the Enterprise Product Security Software organization, you will have support from security experts across all business units, and exposure to a large variety of products and services.

With a focus on Software Security, you will be accountable for the security of software products and pipelines across the world's leading portfolio of commercial and defense airplanes, satellites and weapons.

**Position Responsibilities:**

+ Assess the adversity faced by software subsystems in the context of the larger system
+ Secure cloud-based software development environments
+ Manage risk in accordance with accepted industry, professional, and government standards to ensure security design integrity, availability, confidentiality, and regulatory compliance
+ Develop security requirements and coordinate with multiple system stakeholders to identify and properly implement and verify security measures to mitigate the risks, threats and vulnerabilities
+ Perform requirements verification on software security engineering products using inspection, analysis, demonstration, and test methods
+ Implement Secure Software distribution systems for embedded platforms
+ Deploy DevSecOps best practices into Program pipelines, including tool selection, configuration, and analysis
+ Provide technical data and develop documentation in accordance with requirements and system security engineering processes and procedures for internal reference and external delivery
+ Support Product Security Incident Response Team to respond to security events
+ Define and deploy consistent software security standards within the Software Development Lifecycle
+ Identify improvements to ensure software implementation is aligned to industry and Boeing software assurance best practices

A successful **Associate** candidate would have the following:

+ **Technical Contributions:** Apply foundational software engineering and cybersecurity knowledge to assigned tasks such as secure coding reviews, vulnerability scans, and basic requirements verification
+ **Learning & Growth:** Eagerly learn Boeing’s secure development lifecycle, toolchains, and processes, seeking guidance from senior engineers and applying lessons quickly
+ **Execution:** Deliver assigned work on time and with quality, asking the right questions when encountering new tools or security challenges
+ **Collaboration:** Work effectively in small teams, contributing to shared deliverables and actively participating in design and review discussions
+ **Problem-Solving:** Identify straightforward technical issues, propose solutions, and escalate appropriately when complexity increases

A successful **Mid-Level** candidate would have the following:

+ **Independence:** Take ownership of moderately complex projects, completing assignments with limited oversight while adhering to security standards
+ **Technical Depth:** Analyze and mitigate security vulnerabilities in software pipelines and cloud environments; implement improvements to DevSecOps practices
+ **Mentorship:** Provide guidance and peer reviews for junior engineers, helping them adopt best practices and grow their technical skills
+ **Cross-Functional Collaboration:** Partner with systems engineers, developers, and program managers to integrate security controls into system architectures and Agile workflows
+ **Judgment & Risk Management:** Assess risk tradeoffs and recommend pragmatic solutions that balance security, cost, and performance
+ **Process Improvement:** Identify recurring issues in secure software practices and propose process/tool enhancements to increase resiliency

**This position is expected to be 100% onsite.

The selected candidate will be required to work onsite at one of the listed location options.**

**Basic Qualifications (Required Skills/Experience):**

+ Bachelor of Science degree from an accredited course of study in engineering, engineering technology (includes manufacturing engineering technology), chemistry, physics, mathematics, data science, or computer science
+ Ability to work well with a geographically dispersed cross-functional and matrix team Software Development Background, or other experience with DevSecOps CI/CD Pipelines
+ 2+ years of work-related experience in Cybersecurity

**Preferred Qualifications (Desired Skills/Experience):**

+ **Mid-Level:** 5+ years related work experience or an equivalent combination of education and experience
+ 5+ years of work-related experience in Cybersecurity
+ Experience with Secure Software Distribution; Certificates; PKI; HSM; etc.
+ Experience with Cloud development environments, including AWS and Azure; IAM; RBAC/ABAC
+ Experience with Systems Security Engineering and breaking down requirements
+ Experience in security architectures, network security, embedded systems security, security testing and evaluation, network design, PKI infrastructure
+ Excellent written/oral communication skills to effectively convey cybersecurity concepts across business and technical stakeholders
+ Cybersecurity Certifications not limited to Security+, CISSP, CEH etc.
+ Knowledge of Secure Software Development Framework (NIST SP 800-218), or CISA Self-Attestation Common Form
+ General knowledge of DoD, NASA and FAA security requirements related to Product Security
+ 3+ years of experience in the field of product security, anti-tamper and/or secure computing
+ Ability to collaborate with team members and develop execution plans for deliverables
+ 2+ years of experience in Agile project management
+ Experience on a multi-disciplinary team meeting aggressive schedules
+ Experience scanning for vulnerabilities, implement and assess mitigations, install, administer, and troubleshoot on various operating systems

**Drug Free Workplace:**

Boeing is a Drug Free Workplace (DFW) where post offer applicants and employees are subject to testing for marijuana, cocaine, opioids, amphetamines, PCP, and alcohol when criteria is met as outlined in our policies.

**Pay & Benefits:**

At Boeing, we strive to deliver a Total Rewards package that will attract, engage and retain the top talent.

Elements of the Total Rewards package include competitive base pay and variable compensation opportunities.

The Boeing Company also provides eligible employees with an opportunity to enroll in a variety of benefit programs, generally including health insurance, flexible spending accounts, health savings accounts, retirement savings plans, life and disability insurance programs, and a number of programs that provide for both paid and unpaid time away from work.

The specific programs and options available to any given employee may vary depending on eligibility factors such as geographic location, date of hire, and the applicability of collective bargaining agreements.

Pay is based upon candidate experience and qualifications, as well as market and business considerations.

Summary Pay Range (Associate level): $91,800 - $124,200

Summary Pay Range (Mid-Level): $112,200 - $151,800

Applications for this position will be accepted until **Oct.

31, 2025**

**Export Control Requirements:** This position must meet export control compliance requirements.

To meet export control compliance requirements, a “U.S. Person” as defined by 22 C.F.R. §120.15 is required.

“U.S. Person” includes U.S. Citizen, lawful permanent resident, refugee, or asylee.

**Export Control Details:** US based job, US Person required

**Education**

Bachelor's Degree or Equivalent Required

**Relocation**

This position offers relocation based on candidate eligibility.

**Security Clearance**

This position requires the ability to obtain a U.S. Security Clearance for which the U.S. Government requires U.S. Citizenship.

An interim and/or final U.S. Secret Clearance Post-Start is required.
This position requires ability to obtain program access, for which the U.S. Government requires U.S. Citizenship only.

**Visa Sponsorship**

Employer will not sponsor applicants for employment visa status.

**Shift**

This position is for 1st shift

**Equal Opportunity Employer:**

Boeing is an Equal Opportunity Employer.

Employment decisions are made without regard to race, color, religion, national origin, gender, sexual orientation, gender identity, age, physical or mental disability, genetic factors, military/veteran status or other characteristics protected by law.
Boeing is an Equal Opportunity Employer.

Employment decisions are made without regard to race, color, religion, national origin, gender, sexual orientation, gender identity, age, physical or mental disability, genetic factors, military/veteran status or other characteristics protected by law.

Required Skill Profession

Other General