Mid-Level Cybersecurity Assessment Specialist – Millennium Space Systems

Job Description

At Boeing, we innovate and collaborate to make the world a better place. We’re committed to fostering an environment for every teammate that’s welcoming, respectful and inclusive, with great opportunity for professional growth. Find your future with us.

Millennium Space Systems, a part of Boeing Defense, Space and Security (BDS), is a fast, agile small satellite company focused on national security space. Our missions have direct impact to global security, like missile warning and Earth observation.

Our team is curious, bold and innovative. We take risks, innovate and explore new techniques and technologies. We influence change because we challenge the status quo. And when we watch our satellites launch, we know each one of us made it happen.

JobSummary: 

TheMSS Ground Systems & Operations Organizationis looking for a Mid-Level Cybersecurity Assessment Specialist to join the team inBoulder, CO. 

This position involves performing adversarial security testing of the enterprise’s various Information Technology (IT) environments and penetration testingutilizingProof of Concept (PoC) and homegrown exploitation in addition to red teaming activities.

This individual must have strong foundational knowledge and workingproficiencyin both system administration and software development disciplines.

This position's internal job is Cyber Security Assessment Spec . Our team is currently hiring for 4.

Position Responsibilities:

• Conduct application and network layer penetration tests on various IT environments

• Conduct red teaming activities, including physical security penetration testing

• Perform independent pen testingutilizingnumerouspenetrationtesting tools andleveragingmainly manualtechniques, typically testing willnecessitatesource code analysis

• Write risk prioritized finding reports, debrief system owners and consult on remediation options

• Retest security vulnerabilities that have been identified as fixed to verify remediation 

• Contribute to pen testing, red teaming, tooling, and reportingmethodologyenhancements

• Evaluate effectiveness of defensive countermeasures and consult with blue teams to help improve detection methods and capabilitiesrequiredfor situational awareness

• Perform exploitation analysis and authors exploitation tools/techniques

• Experience performingACAS andOpenRMFcompliance scans for classified networks,identifyingweaknesses and reporting results toexternal organizations

• Experience with secure software development lifecycle and large-scale computing environments

• Experience working with Information Security principles, policies, and industry best practices including the Critical Security Controls (CIS), Open Worldwide Application Security Project (OWASP), Top 10 andMitreAdversarial Tactics, Techniques, and Common Knowledge (ATT&CK) framework

• Experience working with Authentication and Authorization Controls

• Experience working with common server applications such as Internet Information Services (IIS), Apache, Lightweight Directory Access Protocol (LDAP), Tomcat, and Secure Shell (SSH)

• Experience working with common network protocols such asHyperTextTransfer Protocol/HyperTextTransfer Protocol Secure (HTTP/HTTPS), Transmission Control Protocol/Internet Protocol (TCP/IP), and User Diagram Protocol (UDP)

Basic Qualifications (Required Skills/Experience):

• This position requires an active U.S. Top Secret Security Clearance with SCI eligibility (U.S. Citizenship Required). (A U.S. Security Clearance that has been active in the past 24 months is considered active)

• 9 or more years' related work experience or an equivalent combination of technical education and experience

• 1+ years of experience in server administration and file management structure

• 1+ years of experience in programming experience in Python, PHP, Perl, Ruby, .NET, or other interpreted or compiled languages

• 1+ years of experience in penetrating testing and vulnerability assessments using manual techniques and vulnerability testing tools (including scanners, sniffers,fuzzersand exploit tools such as Burp, Nmap, Kali and Metasploit)

• Experience leading andconductingvulnerability assessments and penetration testing of target systems and environments for multiple and undefined interfaces

• Experience performingassessment planningand analyzingarchitecture and system functionality for a broad range of technologies

• Experience configuringand conductingautomated scanning and manual testing

Preferred Qualifications (Desired Skills/Experience):

• Bachelor’s degree or higher in Engineering or STEM related field

• Experience developingsecurity control plan implementations across 10 NIST SP 800-53 control families for ATO submission supporting mission critical systems for a United States Space Force Space Operation Center

• Experience reviewingandadjudicatingRMF ATO artifacts, including thesoftware Assurance plans,trustedfiletransfer plan, RBAC matrix, and Vulnerability and Patch Management Plans

• Experience evaluatingsystem security configurations

• Experience configuringand conductingautomated scanning and manual testing

Conflict of Interest:

Successful candidates for this job must satisfy the Company’s Conflict of Interest (COI) assessment process.

Drug Free Workplace:

Millennium Space Systems, a Boeing Company, is a Drug Free Workplace (DFW) where post offer applicants and employees are subject to testing for marijuana, cocaine, opioids, amphetamines, PCP, and alcohol when criteria is met as outlined in our policies.

Total Rewards:

At Millennium Space Systems, a Boeing Company, we strive to deliver a Total Rewards package that will attract, engage and retain the top talent.  Elements of the Total Rewards package include competitive base pay and variable compensation opportunities.  

Millennium Space Systems also provides eligible employees with an opportunity to enroll in a variety of benefit programs, generally including health insurance, flexible spending accounts, health savings accounts, retirement savings plans, life and disability insurance programs, and a number of programs that provide for both paid and unpaid time away from work.  

The specific programs and options available to any given employee may vary depending on eligibility factors such as geographic location, date of hire, and the applicability of collective bargaining agreements.

Pay is based upon candidate experience and qualifications, as well as market and business considerations.

Summary pay range:

• Level 4: $153,000 - $225,000

Millennium is DDTC-registered, ITAR-compliant Company. This position is located at a facility that requires special access. Applicants MUST be U.S. citizens and eligible for a security clearance. Additionally, applicants must be willing to apply for and maintain a security clearance. We encourage all interested candidates to apply for any open position for which they feel they are qualified.

Applications for this position will be accepted until May. 01, 2026

Export Control Requirements:

This position must meet U.S. export control compliance requirements. To meet U.S. export control compliance requirements, a “U.S. Person” as defined by 22 C.F.R. §120.62 is required. “U.S. Person” includes U.S. Citizen, U.S. National, lawful permanent resident, refugee, or asylee.

Export Control Details:

US based job, US Person required

Relocation

Relocation assistance is not a negotiable benefit for this position.

Security Clearance

This position requires an active U.S. Top Secret/SCI Security Clearance (U.S. Citizenship Required). (A U.S. Security Clearance that has been active in the past 24 months is considered active)

Visa Sponsorship

Employer will not sponsor applicants for employment visa status.

Shift

This position is for 1st shift

Equal Opportunity Employer:

Boeing is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national origin, gender, sexual orientation, gender identity, age, physical or mental disability, genetic factors, military/veteran status or other characteristics protected by law.