Experienced Product Security Analyst
Company: BOEING
Location: Everett
Posted on: May 11, 2022
|
|
Job Description:
Job Description
At Boeing, we innovate and collaborate to make the world a better
place. From the seabed to outer space, you can contribute to work
that matters with a company where diversity, equity and inclusion
are shared values. We're committed to fostering an environment for
every teammate that's welcoming, respectful and inclusive, with
great opportunity for professional growth. Find your future with
us.
We're looking for Experienced Product Security Analysts to join our
established team within Boeing Commercial Airplanes.
The ideal candidates will have knowledge of cyber security concepts
and techniques including network architecture, embedded systems
security, cyber physical systems or PKI infrastructure.
The successful candidate will be able to demonstrate some technical
skills and capabilities in the support of testing Ethernet enabled
systems onboard aircraft and associated ground systems. Activities
include but are not limited to white box and black box testing of
systems to evaluate security controls and system design for
vulnerabilities.
Position Responsibilities:
Assist lead engineers to conduct vulnerability assessments and
penetration testing.
Assist in analyzing architecture and system functionality for a
broad range of technologies including cyber-physical and embedded
systems.
Assist in conducting automated scanning and manual testing.
Evaluate system security configurations.
Perform exploit analysis and author exploitation
tools/techniques.
Assist evaluating findings and perform root cause analysis.
Assist with in preparing and presenting technical reports and
briefings.
Assist in conducting customer remediation reviews.
Familiarity with common ports, protocols, and services such as SSL,
SSH, TCP/IP, UDP, DNS, NFS, LDAP, HTTP.
Knowledge of public key infrastructure, certificates, and public/
private key pairs, hashes, and checksums.
Ability to analyze and correlate events in Linux audit logs,
security logs, syslogs and application logs.
Excellent problem-solving skills and the ability to evaluate
findings and conduct root cause analysis.
Ability to identify likely attack chain based on architecture of
systems and communicate risk.
Researches, analyzes and compiles technical data to support the
integration of security and resiliency into products and services
throughout the lifecycle of the product/service to meet all
applicable certifications and customer requirements.
Researches, collects, interprets, tests, and analyzes technical
data for system-level product security concepts in the projected
operational environments to optimize effectiveness over the program
lifecycle.
Performs product security risk/attack surface/vulnerability
analyses and security audits of applications and application stacks
of various provenances.
Analyzes, triages, aggregates, escalates, and reports relevant
product security and anti-tamper data and other information sources
for attack indicators and potential security breaches.
Coordinates during incidents.
Correlates and performs trend analysis. Analyzes malware and
attacker tactics to improve detection capabilities.
Prepares and presents technical reports and briefings.
This position must meet Export Control compliance requirements,
therefore a "US Person" as defined by 22 C.F.R. - 120.15 is
required. "US Person" includes US Citizen, lawful permanent
resident, refugee, or asylee.
Employer will not sponsor applicants for employment visa
status.
Basic Qualifications (Required Skills and Experience):
Technical Bachelor's, Master's or a PhD degree (A technical degree
is defined as any four-year degree, or greater, in a mathematics,
scientific or information technology field of study)
6+ years of work-related experience in Cybersecurity
Preferred Qualifications (Desired Skills and Experience):
Experience and/or coursework in cybersecurity, security network
architecture, embedded systems security, security testing and
evaluation, network design,cyber physical systems or PKI
infrastructure.
Possess any of these certifications: CISSP, Security+, CEH, CCNA,
UNIX/LINUX System Administration, GIAC GPEN or GWAPT
Typical Education/ Experience:
Education/experience typically acquired through advanced education
(e.g. Technical Bachelor's degree) and typically 6 or more years'
related work experience or an equivalent combination of education
and experience (e.g. Master+4 years' related work experience, 10
years' related work experience, etc.).
Relocation:
This position offers relocation based on candidate eligibility.
Employee Referral Program:
This job is eligible for the Employee Referral Program
Drug Free Workplace:
Boeing is a Drug Free Workplace where post offer applicants and
employees are subject to testing for marijuana, cocaine, opioids,
amphetamines, PCP, and alcohol when criteria is met as outlined in
our policies.
Shift:
This position is for 1st shift.
Equal Opportunity Employer:
Boeing is an Equal Opportunity Employer. Employment decisions are
made without regard to race, color, religion, national origin,
gender, sexual orientation, gender identity, age, physical or
mental disability, genetic factors, military/veteran status or
other characteristics protected by law.
Keywords: BOEING, Everett , Experienced Product Security Analyst, Professions , Everett, Washington
Click
here to apply!
|