Graduate Product Security Engineer

Job Description
At Boeing, we innovate and collaborate to make the world a better place. We're committed to fostering an environment for every teammate that's welcoming, respectful and inclusive, with great opportunity for professional growth. Find your future with us.
We're looking for a Graduate Product Security Engineer here at Boeing to join our growing team in Bristol and help shape the future of integrating security and resiliency across our products and services.
Product security engineering is a cross-cutting engineering function and a critical element of designing, delivering, and maintaining Boeing products and services. Our mission is to influence designs and implement security solutions that protect product integrity. You will join a highly energised team which is committed to staying ahead of evolving cyber threats, developing effective security measures, consistent standards, practices, and tools.
As a Product Security Engineer, you will support our vision to be the trusted global leader in product security engineering, contributing to product safety, integrity, and assurance across cyber-contested environments.
You will work with a multidisciplinary, enterprise-wide community to learn and apply best practices, tools, and solutions that protect complex systems, including IT, embedded, and non-IT environments. This role provides an opportunity to gain hands-on experience solving security challenges, contribute to security engineering practices, and help strengthen the resilience of Boeing's commercial and defence offerings.
Ideal candidates bring foundational knowledge and interest in some or all of the following: system security, systems engineering, safety/airworthiness, and testing.
If you are eager to start or grow a career advancing cybersecurity in aerospace & digital systems and want to make a meaningful impact on the future of our products and services, we encourage you to apply.
Position Responsibilities:
As a Graduate Product Security Engineer, you will engage in one or more of the following activities under guidance and supervision:

• Assists with the identification and support of product security requirements and architectures to meet certification and customer requirements.
• Participates in design and build activities to help integrate security features into products and services.
• Applies cybersecurity risk analysis techniques and supports threat assessments by collecting and documenting likelihood, impact, and mitigation information.
• Contributes to security assessments and audits to help identify vulnerabilities and recommend mitigations.
• Supports integration of security practices across the product lifecycle through collaboration with cross-functional teams.
• Communicates product security implications to internal stakeholders.
• Supports Senior PSEs in coordinating activities with governments, customers, suppliers, and industry to identify risks and help improve program and interfacing-system security standards and requirements.
• Gathers and applies cyber threat intelligence findings to inform product security activities.
• Participates in research and development tasks aligned to PSE goals and objectives and assists with basic R&D activities.
• Performs assigned system analysis and trade studies to help define technical concepts and proposed security solutions.
• Helps develop and improve tools, processes, and efficiencies to increase team productivity.
• Participates in program boards and reviews: collects data, prepares briefings, documents action items, and facilitates cross-team collaboration.
• Monitors emerging threats, vulnerabilities, and security technologies and reports findings to the team to improve product security posture.
• Assists with ensuring security of equipment, tools, data, networks, and resources used for product design, development, build, test, storage, delivery, operations, and support.
• Responds to assigned security-related requests and documents outcomes for review by senior engineers.
• Supports advisement activities by assisting with preparation of materials that describe security and certification considerations for customers, including potential consequences of modifying products and services.

Employer will not sponsor applicants for employment visa status.
This role is hybrid 3 days per week on-site.
Basic Qualifications (Required Skills/Experience):
The ability to obtain UK Security Clearance
Hands-on coursework, internships, or practical experience in one or more of the following areas:

• Cybersecurity and security risk / threat assessment
• Security design and analysis
• Network security architecture
• Embedded systems security and cyber-physical systems
• Systems hardening and security control implementation
• Cryptography and PKI
• Security testing and evaluation
• Trusted computing & anti-tamper engineering
• Aircraft communications standards & protocols (ARINC 400, 600, 800 series etc.)
• Secure Software Development Lifecycle (SDLC)

Preferred Qualifications (Desired Skills/Experience):

• Understanding of Concept of Operations (ConOps), requirements development, and use-case definition.
• Exposure to risk assessment and management, including threat modelling and vulnerability analysis for networked and embedded systems.
• Familiarity with cybersecurity audits & investigations and security incident response practices.
• Awareness of malware analysis, attack surface reduction, and security analysis techniques.
• Knowledge or interest in DevSecOps principles and practices.
• Familiarity with common networking and computing protocols and architectures (TCP/IP, OSI, UDP, serial/parallel communications, bus architectures).
• Understanding of hardware and software integration processes and secure-by-design principles.
• Familiarity with relevant standards and frameworks, including:
• RTCA/EUROCAE: DO-326B/ED-202B, DO-356A/ED-203A
• NIST: Risk Management Framework and SPs 800-30, 800-53, 800-160
• ISO/IEC: 27001/27002, 62443
• DEFSTAN: 05-138, 05-139
• Experience using or willingness to learn Model-Based Engineering (MBE) tools and languages such as UML/SysML, 3DX, CATIA, Cameo, and MagicDraw.
• Participation in competitions, collaborative projects, or contributions to student/professional organizations focused on cybersecurity and systems engineering is a plus.

Typical Education & Experience:

• Level 1: Typically 0-2 years' related work experience or an equivalent combination of technical education and experience.
• Education - Bachelor's degree or equivalent in Engineering, Engineering Technology (includes Manufacturing Engineering Technology), Computer Science, Engineering Data Science, Mathematics, Physics, or Chemistry.
• One or more early-career security certifications are desirable, including but not limited to: CompTIA Security+, (ISC)2 Certified in Cybersecurity, entry-level Cisco certifications, or similar.

Relocation:
This position does not offer relocation. Candidates must live in the immediate Bristol area or relocate at their own expense.
What Boeing offers you:
The Boeing benefits package goes above and beyond, focusing on your physical, emotional, financial and social well-being. Here's a snapshot of what we offer:

• Competitive salary and annual incentive plans
• Continuous learning: You'll develop the approach and skills to navigate whatever comes next
• Success as defined by you: We'll provide the tools and flexibility, so you can make a meaningful impact, your way
• Diverse and inclusive culture: You'll be embraced for who you are and empowered to use your voice to help others find theirs
• 23 days plus UK public holidays and a Winter Break between Christmas and New Year!
• Pension Plan with 10% employer contribution
• Company paid BUPA Medical Plan
• Short Term Sickness: 100% pay for the first 26 weeks!
• Long Term Sickness: 66.67% of annual salary from 27th week
• 6x annual salary life insurance
• Learning Together Programme to support your ongoing personal and career development
• Access to Boeing's Well Being Programs, tool and incentives
• Parental leave options are available!

Other appropriate background, experience and qualifications may be deemed acceptable
Applications for this position will be accepted until Jun. 30, 2026
Export Control Requirements:
This is not an Export Control position.
Relocation
Relocation assistance is not a negotiable benefit for this position.
Security Clearance
This position requires the ability to obtain United Kingdom Security Check.
Visa Sponsorship
Employer will not sponsor applicants for employment visa status.
Shift
Not a Shift Worker (United Kingdom)
Equal Opportunity Employer:
We are an equal opportunity employer. We do not accept unlawful discrimination in our recruitment or employment practices on any grounds including but not limited to; race, color, ethnicity, religion, national origin, gender, sexual orientation, gender identity, age, physical or mental disability, genetic factors, military and veteran status, or other characteristics covered by applicable law.
We have teams in more than 65 countries, and each person plays a role in helping us become one of the world's most innovative, diverse and inclusive companies. We are a Disability Confident Committed employer and welcome applications from candidates with disabilities. Applicants are encouraged to share with our recruitment team any accommodations required during the recruitment process. Accommodations may include but are not limited to: conducting interviews in accessible locations that accommodate mobility needs, encouraging candidates to bring and use any existing assistive technology such as screen readers and offering flexible interview formats such as virtual or phone interviews.