Job Description
At Boeing, we innovate and collaborate to make the world a better place. From the seabed to outer space, you can contribute to work that matters with a company where diversity, equity and inclusion are shared values. We’re committed to fostering an environment for every teammate that’s welcoming, respectful and inclusive, with great opportunity for professional growth. Find your future with us.
Why Choose Boeing Digital Aviation:
At Boeing Digital Aviation Solutions, you’ll be a part of a team that creates innovative digital solutions and analytics that drive the future and evolution of Digital Aviation and enable our customers to transform the way they do business. Using agile digital technology, our solutions optimize all aspects of the flight ecosystem including safety, environmental sustainability, and efficiency – delivering value and protecting our customers and the planet.
Who We Are Looking For:
The Boeing Digital Aviation Solutions (DAS) Application Engineering Senior Cloud and Product Security Architect must have broad cloud and application security background with experience in leading the definition and implementation of secure architecture and coding best practices for cloud native, customer-facing software solutions. The candidate needs strong technology leadership, analytical skills, teamwork, and excellent communication skills. The candidate will need to communicate at different levels in the organization to other technical personnel, business leaders and customers. This role will drive best-in-class software security practices into the Application Engineering organization in support of DAS modernization efforts to bring market-leading solutions to our aviation customers.
What You Will Do:
• Develop and lead implementation of security architecture and secure coding standards and strategies for DAS software solutions.
• Contribute to the definition of overall DAS architecture security principles, guidelines, patterns, training, and standards.
• Drive adoption of DevSecOps practices into the software engineering organization by working directly with teams on implementation.
• Provide effective communication to business and technical community on security architecture topics.
• Perform security tool evaluations and make recommendations for adoption.
• Assess security impact of architectural decisions to product lifecycle.
• Lead the identification of design constraints and ensure architecture conforms to security requirements.
• Work across software engineering teams and architects for end to end alignment, process improvements and future designs.
• Contribute to the standard software artifacts including the Software Architecture Document, Software Architecture models and other standard artifacts.
• Work with customers to understand their security requirements.
• Ensure compliance with Boeing Information Security requirements.
• Collaborate with cloud service providers, Boeing InfoSec and Boeing Enterprise External Cloud teams to architect best-of-breed application security solutions across multiple clouds.
• Review internal and vendor artifacts for security architecture compliance.
What You Will Need:
• Bachelor’s degree or higher in related field
• Highly technical and analytical, possessing 10 or more years of IT implementation experience.
• 5+ years’ experience in IT security, compliance and risk management, including privacy, controls, etc.
• Hands-on technical expertise in Security Architecture, automation, integration, and deployment (DevSecOps).
• Strong verbal and written communications skills and ability to lead effectively across organizations.
Additional Success Factors:
• Proven experience leading a globally distributed team
• Proven experience to research, advise, compare and recommend technology solutions; ability to demonstrate and maintain method of keeping current on new technologies
• Proven ability to deliver application and infrastructure security solutions in a multi-cloud environment
• DevSecOps automation best practices
• DFARS/FedRAMP/ITAR
• NIST Cybersecurity Framework
• ISO 27001
• Security Development Lifecycle
• AWS/Azure/GCP Security services
• Cloud Security monitoring process
• Certificate Management
• Threat modeling
• Dynamic and Static Application Security Testing (DAST & SAST)
• Software Composition Analysis
Typical Education & Experience:
Education/experience typically acquired through advanced education (e.g. Bachelor) and typically 10 or more years' related work experience or an equivalent combination of education and experience (e.g. Master+6 years' related work experience)
Relocation:
Relocation assistance is not a negotiable benefit for this position. Candidates must live in the immediate area or relocate at their own expense.
This position is hybrid. This means that the selected candidate will be required to perform some work onsite 3 days a week. This is at the hiring team’s discretion and could potentially change in the future.
Employer will not sponsor applicants for employment visa status.
At Boeing, diversity, equity, and inclusion are enduring company values. We strive to live these values every day not only because it’s the right thing to do, but because our success depends on it. The company’s commitment to diversity and inclusion providing a work environment for all employees that is welcoming, respectful and equitable, with opportunities for personal and professional development.
Export Control Requirements: Not an export control position
Equal Opportunity Employer:
We are an equal opportunity employer. We do not accept unlawful discrimination in our recruitment or employment practices on any grounds including but not limited to; race, color, ethnicity, religion, national origin, gender, sexual orientation, gender identity, age, physical or mental disability, genetic factors, military and veteran status, or other characteristics covered by applicable law.
We have teams in more than 65 countries, and each person plays a role in helping us become one of the world’s most innovative, diverse and inclusive companies. We are proud members of the Valuable 500 and welcome applications from candidates with disabilities. Applicants are encouraged to share with our recruitment team any accommodations required during the recruitment process. Accommodations may include but are not limited to: conducting interviews in accessible locations that accommodate mobility needs, encouraging candidates to bring and use any existing assistive technology such as screen readers and offering flexible interview formats such as virtual or phone interviews.