Senior Cloud Security Engineer
Vacancy expired!
Job DescriptionAt Boeing, we innovate and collaborate to make the world a better place. From the seabed to outer space, you can contribute to work that matters with a company where diversity, equity and inclusion are shared values. We're committed to fostering an environment for every teammate that's welcoming, respectful and inclusive, with great opportunity for professional growth. Find your future with us.The Boeing Defense Space & Security (BDS) Product Security Engineering team is responsible for the cybersecurity and resiliency of Boeing products and services and we are looking for talented engineers to join our team. BDS Product Security Engineering is seeking an experienced Senior Cloud Security Engineer - Level 4 (CSE). This position will serve as the resident security focal of an agile product development team in the Cloud Engineering Environment, and will report laterally to Product Security Engineering. As part of Boeing's Enterprise DevSecOps transformation, the CSE will bring expertise to design, build, secure, operate, and monitor AWS GovCloud engineering environments to meet program needs and security requirements.The CSE shall assist the PSE team by implementing NIST 800-171 security controls and documenting implementations within the DFARS System Security Plan (SSP). Once approved, the resulting environment shall be repeatable and deployable for use by additional product teams. The CSE will also have a pivotal role post-approval operations, by upholding compliance with numerous policies and ensuring teams maintain cloud tenancy.This position allows telecommuting and does require applicants to live in either of the listed location options: Bridgeton, MO, El Segundo, CA, Colorado Springs, CO, Plano, TX or Fairfax, VA full-time.Position Responsibilities:As an integral member of the team, you will be:
- Provisioning and managing infrastructure, automating processes, and monitoring security
- Supporting security readiness reviews, transitioning current Program environments to AWS GovCloud, and continuing to support approved tenant environments
- Implementing and upholding security policies, processes, and procedures for program DevSecOps environments
- Contributing to development of the cloud security architecture by proposing design improvements, evaluating changes against requirements and system security plans
- Applying security and software assurance best practices for the integration of security into the software development lifecycle and automating and enforcing those checks in pipelines
- Supporting the development of security-related infrastructure or processes including Security Information and Event Management (SIEM) monitoring, auditing, and incident response
- Supporting threat modeling by verifying network flows, firewall policies, and logical data flows to mitigate risk and validate architecture
- Defining Role Based Access Control and utilizing AWS Identity and Access Management (IAM) to set user permissions and policies.
- Performing vulnerability management of risks, threats, and vulnerabilities
- Working with geographically-dispersed interdisciplinary team of IT, Software Engineering, Systems Engineering, Security Engineering, and Program Management professionals
- One to three years of experience relevant to Cloud Security
- Experience working with cybersecurity standards and practices such as those discussed within NIST 800-171 and 800-53, or Cybersecurity Maturity Model Certification (CMMC) domains.
- Experience with security tools, for example code analysis, OS hardening, vulnerability scanning
- Experience with security infrastructure, product and cybersecurity systems analysis, design, development, and testing
- Experience creating security documentation and system security plans
- Experience as a member of an agile development team
- Experience with AWS cloud architecture, machine images(AMI), and services
- Experience with DevSecOps principles and tools, for example, IaC, CaC, SaC, Gitlab, Bitbucket, Artifactory, Terraform, Ansible, Jenkins, Kubernetes, Docker, Podman
- Experience with automation and CI/CD techniques and design patterns
- SIEM technologies, incident reporting/response, root cause analysis, and recovery plans
- Training or Certifications including CISSP, Security +, Cloud +, Certified Cloud Security Professional (CCSP), or AWS Cloud Skills Courses
Vacancy expired!