The Boeing Company Cyber Security Vulnerability Analyst in Saint Louis, Missouri
The Cyber Security Vulnerability Analyst position is part of the Information Security Vulnerability Management / Red Team, working across assessment teams to perform in-depth exploit analysis based on configurations deployed on the network / perimeter. The position requires a broad understanding of technologies and be proficient in evaluating risk based on offensive tactics and defense in depth controls.
The role is responsible for:
Perform daily triage based on intelligence / published threats
Evaluate effectiveness of defensive countermeasures to reduce risk of exploitation
Provide input on priority in order to guide remediation efforts
Improve detection methods and capabilities required for situational awareness
Perform hands on technical validation of vulnerability to determine risk to different configurations and priorities for remediation
Reverse engineer exploits and/or automate detection methods for industry risks and systemic red team findings
Act as Cybersecurity liaison to the team maintaining an awareness of threats, trends, and research for evolving threats
Communicate current Cybersecurity threats and educate stakeholders on risks and recommendations.
Optimize the Cyber Intel & Assessments team through continuous learning, guidance, and construction best practices to improve detection methods.
Perform independent testing and documentation of complex computing risks related to applications, software system architectures or computing architecture and computing application system designs.
Mentor less experienced personnel.
Boeing is the world's largest aerospace company and leading manufacturer of commercial airplanes and defense, space and security systems. We are engineers and technicians. Skilled scientists and thinkers. Bold innovators and dreamers. Join us, and you can build something better for yourself, for our customers and for the world.
This position requires the ability to obtain a US Security Clearance, for which the US Government requires US Citizenship .
Technical bachelor's degree and typically 5 or more years' related work experience or a Master's degree with typically 3 or more years' experience
Mature discipline and a thirst for continuous improvement and learning is a must
Broad depth of systems engineering experience along with deep Cybersecurity skills including hands on experience with penetration testing, vulnerability assessments, applications, and IT infrastructure.
Minimum 3 years’ experience penetrating testing and vulnerability assessments using manual techniques and vulnerability testing tools (including web proxies, scanners, sniffers, fuzzers and exploit tools such as Metasploit)
Minimum 3 years’ experience in various system administrator tasks on Windows and Linux operating systems.
Fundamental knowledge of information security principles, policies, and industry best practices including the CIS Critical Security Controls.
Fundamental knowledge of cloud-based architectures
Understanding of Authentication and Authorization Controls
Fundamental knowledge of common server applications such as IIS, Apache, LDAP, Tomcat, ssh.
Fundamental knowledge of common network protocols such as HTTP/HTTPS, TCP/IP, UDP
Experience conducting technical research and critical contrast of solution alternatives
Able to obtain a security clearance and appropriate professional certifications (e.g. OSCP, CISSP, CEH, GIAC).
Focus on first time quality and continuous maturity of vulnerability management disciplines.
Strong written and verbal communication skills.
Desire to grow technical skills, and participate in the broader Boeing information security community.
Job Cyber Security Assessment Spec
Organization: Information Security
Title: Cyber Security Vulnerability Analyst
Other Locations: United States-Missouri-Saint Louis, United States-Arizona-Mesa
Requisition ID: 1800076940