Product Security Engineer – Mid-level/Senior
Boeing
full-time
Posted on:
Location Type: Office
Location: Everett • Washington • 🇺🇸 United States
Visit company websiteSalary
💰 $119,850 - $197,800 per year
Job Level
Senior
Tech Stack
AWSAzureCloudCyber SecurityJavaLinuxPythonSubversion
About the role
- Develop and enhance the enterprise OT Vulnerability Management Program to deploy OT aware scanning and patching tooling across targeted OT environments such as production equipment, facilities, and labs
- Implement continuous asset discovery and credentialed/passive vulnerability scanning with centralized ingestion to Boeing SIEM and consolidated reporting
- Formalize the OT Security lifecycle workflows with risk-based prioritization, ticketing and verification workflows, exception documentation, and compensating control processes
- Design, build, and validate a safe patching infrastructure, including vendor sourcing, patch staging, test lab validation, deployment orchestration, rollback procedures, and change control coordination
- Create and maintain procedures for reproducing, testing, and validating OT vulnerabilities using deployed tooling to ensure reliable remediation and verification
- Coordinate with cross functional stakeholders (manufacturing, IT, safety, vendors) to implement mitigations, minimize operational impact, track program metrics and continuously improve
- Support incident response (IR) and root‑cause analysis for OT security events, including coordination with the IR team, safety, and operations teams
- Mentor junior engineers and participate in cross‑functional design reviews
- Contribute to roadmaps, budget justification, and vendor evaluations to evolve the OT security program
Requirements
- Bachelor of Science degree from an accredited course of study in Engineering, Engineering Technology (including Manufacturing Technology), Computer Science, Data Science, Mathematics, Physics, or Chemistry
- Deep understanding of cybersecurity controls, frameworks, and the vulnerability management lifecycle
- Experience in design, management, and troubleshooting of industrial control systems
- Proven experience in hardening both Windows and Linux operating systems
- Working knowledge of a vulnerability scanning tool such as Nessus, Qualys, OpenVAS, etc
- Working knowledge of a source control tool such as GIT, Subversion, CVS, etc
- Working knowledge of cloud security in a cloud platform such as AWS, Azure, Google Cloud, etc
- Working knowledge of a programming or scripting language (i.e. python, C++, java, etc)
Benefits
- health insurance
- retirement savings plans
- life and disability insurance programs
- flexible spending accounts
- health savings accounts
- paid time off
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
vulnerability managementcybersecurity controlsindustrial control systemsWindows operating system hardeningLinux operating system hardeningvulnerability scanningcloud securityprogrammingscriptingpatch management
Soft skills
mentoringcross-functional collaborationincident responseroot-cause analysisrisk-based prioritizationcommunicationorganizational skillsstakeholder coordinationcontinuous improvementdocumentation