Product Security Pentester (Experienced or Senior)
USA - Berkeley, MO
Full Time Senior-level / Expert Clearance required USD 101K - 166K
Boeing
Welcome to the official corporate site for the world's largest aerospace company and leading manufacturer of commercial jetliners and defense, space and security systems. Learn about our passion for innovation, our products, careers and more.Company:
The Boeing CompanyJob ID:
00000428267Date Posted:
2024-06-24Location:
USA - Berkeley, MOJob Description Qualifications:
The Boeing Test & Evaluation (BT&E) organization is seeking a Product Security Pentester to support cyber test capability. The selected applicant will join a highly technical Enterprise Test & Evaluation team building an offensive cyber test capability in Berkeley, MO.
This position will be providing testing services to Boeing Defense Space & Security (BDS) portfolio. The primary responsibilities will include Product Security (Cyber) test planning, integration, and execution, mission-based risk assessments, vulnerability assessments, and penetration tests. The selected candidate will become a St. Louis area team member trained across the broader BT&E enterprise Product Security Capability team with the opportunity to also contribute to innovation efforts advancing adversarial testing.
BT&E is currently hiring for a broad range of experience levels including Experienced and Senior level Product Security Pentesters.
Position Responsibilities Include:
- Lead execution of penetration tests to identify, exploit, and assess a target system’s vulnerabilities in a threat-representative manner
- Subject Matter Expert in analyzing advanced cyber adversary (advanced persistent threats) tactics, techniques and procedures (TTPs). Associate TTPs with vulnerabilities/penetrations discovered
- Lead controlled attack simulations that test the effectiveness of a blue team and its capabilities to detect, block, and mitigate attacks and breaches
- Analyze exploits and malware targeting modern operating systems and defenses
- Conduct reverse engineering activities
- Analyze penetration tests on modern Windows and Linux operating systems and IP-based networks
- Communicate recommendations for improvements via reports or presentations to customers using common frameworks such as MITRE ATT&CK, Cyber Kill Chain, etc.
This position is hybrid. This means that the selected candidate will be required to perform some work onsite at one of the listed location options. This is at the hiring team’s discretion and could potentially change in the future.
This position requires an active Secret U.S. Security Clearance (U.S. Citizenship Required). (A U.S. Security Clearance that has been active in the past 24 months is considered active.)
Basic Qualifications (Required Skills/Experience):
- Bachelor’s degree or higher
- 3+ years of experience leading or managing projects and/or teams
- 3+ years of experience working with Department of Defense (DoD) organizations, projects and/or programs
- 3+ years of experience planning and executing penetration testing of either IT based systems or Avionics embedded systems
Preferred Qualifications (Desired Skills/Experience):
- 5 or more years of related work experience or an equivalent combination of education and experience
- Demonstrated ability to engage with stakeholders to define/plan/resource/analyze solutions
- Experience testing and/or analyzing product systems
- Experience building and/or leading a technical test team
- Experience working with Product Security (non-IT) Cyber Compliance and/or Avionics Embedded systems risk management assessment
- Experience facilitating and/or supporting Cyber Table Top (or equivalent) exercises
- Experience planning and executing penetration tests in one or more of the following domains:
- Windows and Linux Operating Systems and IP-Based Networks
- Web Applications
- Avionics, Embedded Systems, Non-Standard Ethernet Protocols (ARINC, MIL-STD)
- RF interfaces
- Hardware
- Experience coordinating and presenting technical content to a diverse audience
- Experience with program planning (cost and schedule)
- Experience with Aircraft Platforms, Weapon Systems and/or C5ISR
- Knowledgeable in Cryptography and Reverse Engineering
- One or more of the following Certifications:
- Offensive Security Certified Engineer (OSCE)
- Offensive Security Certified Professional (OSCP)
- GIAC Certified Exploit Researcher and Advanced Penetration Testers (GXPN)
Typical Education/Experience:
Experienced (Level 3)
Education/experience typically acquired through advanced education (e.g. Bachelor) and typically 6 or more years' related work experience or an equivalent combination of education and experience (e.g. Master+4 years' related work experience, 10 years' related work experience, etc.).
Senior (Level 4)
Education/experience typically acquired through advanced education (e.g. Bachelor) and typically 10 or more years' related work experience or an equivalent combination of education and experience (e.g. Master+8 years' related work experience, 14 years' related work experience, etc.).
Relocation:
This position offers relocation based on candidate eligibility.
Drug Free Workplace:
Boeing is a Drug Free Workplace where post offer applicants and employees are subject to testing for marijuana, cocaine, opioids, amphetamines, PCP, and alcohol when criteria is met as outlined in our policies.
Shift:
This position is for 1st shift.
At Boeing, we strive to deliver a Total Rewards package that will attract, engage and retain the top talent. Elements of the Total Rewards package include competitive base pay and variable compensation opportunities.
The Boeing Company also provides eligible employees with an opportunity to enroll in a variety of benefit programs, generally including health insurance, flexible spending accounts, health savings accounts, retirement savings plans, life and disability insurance programs, and a number of programs that provide for both paid and unpaid time away from work.
The specific programs and options available to any given employee may vary depending on eligibility factors such as geographic location, date of hire, and the applicability of collective bargaining agreements.
Pay is based upon candidate experience and qualifications, as well as market and business considerations.
Summary pay range for experienced level: $101,150 – $136,850
Summary pay range for senior level: $123,250 - $166,750
Applications for this position will be accepted through July 7, 2024.
Boeing is the world's largest aerospace company and leading manufacturer of commercial airplanes and defense, space and security systems. We are engineers and technicians. Skilled scientists and thinkers. Bold innovators and dreamers. Join us, and you can build something better for yourself, for our customers and for the world.
Relocation:
Relocation is available for eligible candidates, if authorizedExport Control Requirement:
U.S. Government Export Control Status: This position must meet export control compliance requirements. To meet export control compliance requirements, a “U.S. Person” as defined by 22 C.F.R. §120.15 is required. “U.S. Person” includes U.S. Citizen, lawful permanent resident, refugee, or asylee.Safety Sensitive:
This is not a safety sensitive positionContingent Upon Award Program
This position is not contingent upon program awardExperience Level:
Individual Contributor - 3Job Type:
RegularJob Code:
6M05I3 (6M5)Equal Employment Opportunity:
Stay safe from recruitment fraud! The only way to apply for a position at Boeing is via our Careers website.
Learn how to protect yourself from recruitment fraud - Recruitment Fraud Warning
Boeing is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national origin, gender, sexual orientation, gender identity, age, physical or mental disability, genetic factors, military/veteran status or other characteristics protected by law.
Request an Accommodation - Requesting Interview Accommodations
Applicant Privacy - Applicant Privacy
EEO is the law Poster - EEO is the law
Boeing Policy on EEO - Boeing EEO Policy
Affirmative Action and Harassment - Boeing Affirmative Action and Harassment
Boeing Participates in E – Verify
- English - E-Verify (English)
- Spanish - E-Verify (Spanish)
Right to Work Statement
- English - Right to Work (English)
- Spanish - Right to Work (Spanish)
Tags: Blue team C Clearance Compliance Cryptography Cyber Kill Chain DoD Exploit Exploits GIAC GXPN Linux Malware MITRE ATT&CK Offensive security OSCE OSCP Pentesting Privacy Product security Reverse engineering Risk assessment Risk management Security Clearance TTPs Vulnerabilities Windows
Perks/benefits: Competitive pay Flex hours Insurance Relocation support Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Product Security Engineer jobs
- Open Cloud Security Architect jobs
- Open Security Operations Engineer jobs
- Open Information Security Specialist jobs
- Open Information Security Officer jobs
- Open Principal Security Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Senior Product Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Chief Information Security Officer jobs
- Open IT Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Network Security Engineer jobs
- Open Security Consultant jobs
- Open Cybersecurity Consultant jobs
- Open IT Security Analyst jobs
- Open Security Operations Analyst jobs
- Open Senior Information Security Analyst jobs
- Open Manager Pentest H/F jobs
- Open Information System Security Officer jobs
- Open Senior Information Security Engineer jobs
- Open Agile-related jobs
- Open Risk assessment-related jobs
- Open SOC-related jobs
- Open Network security-related jobs
- Open Analytics-related jobs
- Open CISA-related jobs
- Open ISO 27001-related jobs
- Open GCP-related jobs
- Open IAM-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open Threat intelligence-related jobs
- Open DevOps-related jobs
- Open DoD-related jobs
- Open Security Clearance-related jobs
- Open APIs-related jobs
- Open CEH-related jobs
- Open Security assessment-related jobs
- Open SaaS-related jobs
- Open Malware-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs
- Open Java-related jobs
- Open DevSecOps-related jobs