Cybersecurity Engineer (Level 4)
The selected candidate will support Leidos at the NATO Communications and Information (NCI) Agency office located in The Hague, Netherlands. Duties include but are not limited to the design, implementation and integration of cybersecurity into the organizations’ Ballistic Missile Defence (BMD) architectural model. This includes alignment with NATO STANAG’s, AQAP’s and Directives as they pertain to the NCI Agency Computer Systems Information (CSI) Service Line security framework and the NGCS Enterprise system accreditation processes and procedures, and as-is assessments of the existing NATO security framework, to include security policy documentation and capability packages, against state of the art best practice for CSI security, to include cybersecurity, industrial security, and threat response. The as-is assessment culminates with a review of contracted capabilities vs. architectural requirements as well as an operational assessment of deployed systems to clearly define and document any potential gaps between the best practice framework and the operational reality.
Following detailed assessments, the candidate will formulate a recommendation for consideration by the NATO national representatives who sit on the BMD Steering Committee (SC). This recommendation will be vetted by an integrated product team (IPT) consisting of national representatives assigned by the NATO nations prior to submission to the SC for approval to implement required security enhancements. Recommendations could involve changes to NATO level policy which would require executive level board approvals or may involve the release of BMD capability packages as the precursor to BMD requirements development and insertion into the existing BMD Architectural model to be flowed down to Agency wide implementation products. Ultimately, the solution must support existing acquisition strategies and work within the confines of the chosen framework providing an acceptable balance between reasonableness, safety (system will be capable of launching missiles), and cost/time/resources commitments.
Once requirements have been accepted for implementation, the candidate must work within the international community to manage a diverse set of stakeholders with occasional conflicting interests to ensure both the consensus and support of key stakeholders from both the political and operational communities. Candidate must demonstrate the usual knowledge of cybersecurity architectures, requirements definition and risk management within a complex systems engineering Programme of work. Additional knowledge of BMD terminology, C2 command and control systems, weapons systems, and other architectural artefacts is highly desired. The candidate must have experience supporting impact analysis for engineering solutions and understand the development of risk management artefacts supporting security solutions in compliance with security controls. The candidate must understand the use of foundation systems engineering artefacts describing architectures, requirements, interfaces, use cases, and data flows to develop artefacts that map cybersecurity services. The candidate should understand implementation in multi-layered and multi-tenant environments, and exhibit a solid knowledge of cybersecurity engineering and risk management within the product and service lifecycle.
The candidate shall meet the following requirements:
• NATO Secret security level clearance
• 10+ years of security/cybersecurity system engineering
• Demonstrated progression of responsibility including management of multiple FTE
• Demonstrated collaborative ability in an international environment
• Demonstrated leadership ability in a matrixed environment and without inherent authority
• Excellent communications skills (written and oral) in the English language
• Excellent collaboration skills in a multinational technical and management team environment
• Identity and access management, audits, ports and protocol services, intrusion prevention/detection, endpoint security, defensive coding practices
The following skills and knowledge areas are desirable:
• Experience with architectural frameworks such as DoDAF, NAF and/or TOGAG
• Monitor, detect, test and integrate vulnerabilities throughout the lifecycle of systems
• Monitors, assesses, and mitigates emerging threats and vulnerabilities against the system
• Vulnerability, incident, and continuity of operations management and processes
Job is located off-site at customer facility in The Hague, Netherlands.
This position is contingent on acceptance of the candidate by the industry partner resource control board. In the event that the industry partner control board does not approve the candidate, the candidate may be removed from consideration for the position and any outstanding offer of employment may be withdrawn.
Important information regarding this requisition: This requisition is for an international, locally hired position. Boeing will attempt to obtain immigration and labor sponsorship for selected candidate; Candidate must be able to obtain work authorization for the Netherlands.Benefits and pay are determined at the local level and are not part of Boeing U.S.-based payroll. The Boeing Company is an equal opportunity employer with a policy to attract and retain the best qualified people available. At Boeing, we know there is a whole world outside of work, and we endeavor to provide you with programs that help you make the most of it. We offer competitive salaries, advancement opportunities, and a full range of benefits including an education assistance program. All information provided will be checked and may be verified.