Role Description In this role, you will help protect customers and U.S. Bank by detecting, investigating, and preventing fraudulent activity across several products. You will research transactions and digital interactions with U.S. Bank. Types of activity include, but are not limited to: - Money movement through Wire, ACH, RTP, P2P, Zelle, and FedNow channels - Website and mobile application usage anywhere our customers are in the world To be successful in this role, you need to have excellent investigative techniques, knowledge of the banking industry, and be digitally engaged with mobile and online applications. A top-notch fraud analyst should be able to: - Work quickly, sometimes under pressure - Have meticulous attention to detail This position will work cases using various investigation methods and tools. Customer contact via email/phone is frequently needed for the investigations. If fraud is suspected or confirmed, the analyst will stop or return the transaction in question if possible. Key accountabilities: - Monitors account activity to identify fraudulent financial transactions and violations - Secures accounts to prevent losses - Coordinates with internal departments to validate that charges are authorized - Works with merchants to resolve customer service issues or fraudulent activity - Maintains merchant processing statistics and records - Representing US Bank professionally via inbound/outbound calls related to fraud mitigation operations Qualifications - Ability to interpret technical and administrative instructions independently and use them as a guide in solving similar problems or situations - Experience with loss mitigation - Proven experience in constantly meeting performance metrics - SLA adherence and Quality Assurance (QA) accuracy - Effective verbal and written communication skills - Proficient computer navigation skills using a variety of software packages, including Microsoft Office applications - Excellent English (written and spoken - C1). Fluency in Spanish is a plus but not required. - Three to five years of relevant work experience (preferably in fraud prevention, risk, or a related field) - Willingness to contact customers via phone or in writing when necessary to verify suspicious activity - Ability to make risk-mitigating decisions with excellent accuracy levels - Strong time management skills in a fast-paced, SLA-driven environment - High school diploma or equivalent Requirements - Working hours from 21:30-5:00 - Tuesday-Saturday - Afternoon/night shifts (throughout the week/weekends) with flexible scheduling - This role is remote - This position is not eligible for visa sponsorship Benefits - Market-competitive compensation package that includes clearly defined salary ranges aligned with industry benchmarks and internal equity standards - Performance-based incentives for eligible employees, awarded through transparent, objective criteria that recognize both individual and company performance - Inclusive equitable benefits that are accessible to all employees and focused around our 3 main pillars of financial wellbeing, health & wellness - Continuous development opportunities including training, education support, and career progression pathways based on inclusive and transparent criteria - Employee recognition programs that celebrate achievements and milestones for all

• Completes risk control assessments for prospective, new and renewal accounts for the purpose of making risk determinations for underwriting. • Develops corresponding recommendations for risk reduction on identified exposures. • Performs a combination of duties in accordance with departmental guidelines. • Performs risk assessments for low to moderate risk assignments for prospective, new and renewal business to support underwriting process. Includes recommending solutions to customers to minimize risk. • Assists senior risk control staff on more complex assignments. • Develops risk assessment reports and utilizing risk control and other CNA systems. • Develops customer correspondence to confirm onsite risk assessments and corresponding recommendations or business solutions to minimize identified risk exposures. • Partners with underwriting to review accounts for branch operational issues, profitability, claims, agency management, etc. • May be required to perform jurisdictional inspections. • Makes field visits with underwriters or senior Risk Control staff to agents/brokers to build relationships and market Risk Control products and services. • Interacts with Claims as necessary to obtain more information on specific claims on assigned accounts as well as the overall claims process. • Develops skills to identify root cause of loss trends and emerging issues.

Job Description At Boeing, we innovate and collaborate to make the world a better place. We're committed to fostering an environment for every teammate that's welcoming, respectful and inclusive, with great opportunity for professional growth. Find your future with us. We are seeking a highly experienced Senior Cybersecurity Third-Party Risk Analyst to perform advanced, technical assessments of third-party cyber risk and to design automation and process improvements using configuration, integration, and agentic AI capabilities. This senior individual contributor will focus on developing hands-on assessment processes to evaluate vendor controls, validate technical evidence, and drive remediation recommendations - while also building robust automation and configuration assets (scripts, connectors, playbooks, and AI agents) to scale assessment throughput, improve data quality, and accelerate risk decisions. A strong emphasis on lean process enhancement will ensure the program delivers higher velocity, lower waste, and measurable improvements in assessment quality and cycle time. Though the position is primarily remote, there will be times to go into a Boeing facility. Candidates must live near a Boeing Facility or be willing to relocate at their own expense. This position requires candidates to be a US Person (Green Card holder or US Citizen) Key Responsibilities - Design & Execute end-to-end cybersecurity third-party assessments for strategic and high-risk vendors, including questionnaire reviews, technical evidence validation, architecture reviews, cloud configuration analysis, IAM assessments, encryption and key management reviews, logging/monitoring validation, and vulnerability/penetration test interpretation. - Produce repeatable processes that create clear, prioritized risk findings and remediation guidance tailored to vendor risk and business impact - Design, build, and maintain automated assessment capabilities: evidence collection scripts, API connectors, ETL pipelines, data validation routines, and integration points with TPRM/GRC platforms (Aravo, ServiceNow GRC, RSA Archer, OneTrust, etc.). - Develop and deploy agentic AI components (e.g., automated evidence triage, document ingestion and extraction, risk-scoring assistants, remediation suggestion agents) while ensuring safe, auditable, and privacy-preserving behavior. - Lead lean process improvement initiatives across the assessment lifecycle: map value streams, eliminate waste, reduce handoffs, optimize SLAs, and implement continuous improvement cycles to increase throughput and quality. - Create and maintain technical assessment artifacts: standardized templates, evidence matrices, technical checklists, assessment playbooks, and scoring rubrics that support repeatability and auditability. - Validate and tune automated scoring models and AI outputs; perform periodic calibration and manual reviews to ensure accuracy and reduce false positives/negatives. - Collaborate closely with Procurement, Legal, Security Operations/CIRT, Privacy, and other business stakeholders to ensure technical assessment findings map to contractual requirements and incident response expectations. - Support remediation verification and re-assessment - use automation to track evidence submission, validate fixes, and update risk status. - Maintain strong documentation & processes to support change management of automation logic, AI agent behaviors, data mappings, integration schemas - Stay current on emerging attack techniques, supply chain threats, automation best practices, responsible AI controls, and lean methods; propose and implement improvements. Basic/Required Qualifications - 5+ years of cybersecurity experience with at least 3 years focused on third-party/vendor security assessments or equivalent technical assessment roles. - Deep hands-on expertise reviewing technical artifacts: cloud console evidence (AWS/Azure/GCP), architecture diagrams, IAM configurations, network security, encryption, logging/monitoring, vulnerability scans, and penetration test reports. - Proven ability to translate technical findings into concise executive-level summaries and remediation plans; excellent written and verbal communication skills. - Demonstrated experience applying lean principles or continuous improvement methods to operational processes - ability to run value stream mapping, define and measure waste, and implement sustainable improvements. - Comfortable working independently as a senior individual contributor and coordinating across technical and non-technical stakeholders; experience in agile environments and using agile tooling (ADO, JIRA). Preferred Qualifications - Bachelor's degree in Computer Science, Information Security, Engineering, or related technical field; advanced degree (MS or equivalent) preferred. - Industry recognized security certifications (CISSP, CISM, CRISC) and/or cloud security certifications (AWS/Azure/GCP Security) preferred. - Strong configuration skills for security/TPRM tooling (Aravo, ServiceNow GRC, RSA Archer, OneTrust, or similar) including forms, workflows, scoring, and data model configuration. - Formal training or certification in Lean/Six Sigma, Kaizen, or similar continuous improvement methodologies. - Practical experience designing, training, or integrating agentic AI components (LLM orchestration, retrieval-augmented generation, agent frameworks) into security processes - able to implement guardrails, audit logging, and privacy controls. - Prior experience implementing AI governance for security use cases - Familiarity with software supply chain risk concepts (SBOMs) - Experience with SIEM/SOAR integrations, vulnerability management platforms, and continuous monitoring - Experience working in regulated industries (finance, aviation, healthcare, defense) or with global privacy/regulatory requirements (GDPR, CMMC, etc...). Typical Education/Experience: - Education/experience typically acquired through advanced education (e.g. Associate) and typically 2 or more years' related work experience or an equivalent combination of education and experience (e.g. Bachelor+1 years' related work experience, 5 years' related work experience, etc.). Relocation: Relocation assistance is not a negotiable benefit for this position. Candidates must live in the immediate area of a Boeing facility or relocate at their own expense. Drug Free Workplace: Boeing is a Drug Free Workplace where post offer applicants and employees are subject to testing for marijuana, cocaine, opioids, amphetamines, PCP, and alcohol when criteria are met as outlined in our policies. Pay & Benefits: At Boeing, we strive to deliver a Total Rewards package that will attract, engage and retain the top talent. Elements of the Total Rewards package include competitive base pay and variable compensation opportunities. The Boeing Company also provides eligible employees with an opportunity to enroll in a variety of benefit programs, generally including health insurance, flexible spending accounts, health savings accounts, retirement savings plans, life and disability insurance programs, and several programs that provide for both paid and unpaid time away from work. The specific programs and options available to any given employee may vary depending on eligibility factors such as geographic location, date of hire, and the applicability of collective bargaining agreements. Pay is based upon candidate experience and qualifications, as well as market and business considerations. Pay Range is dependent on geographical location and experience: Senior - $128,700 - $181,500 Applications for this position will be accepted until Apr. 04, 2026 Export Control Requirements: This position must meet U.S. export control compliance requirements. To meet U.S. export control compliance requirements, a "U.S. Person" as defined by 22 C.F.R. §120.62 is required. "U.S. Person" includes U.S. Citizen, U.S. National, lawful permanent resident, refugee, or asylee. Export Control Details: US based job, US Person required Relocation Relocation assistance is not a negotiable benefit for this position. Visa Sponsorship Employer will not sponsor applicants for employment visa status. Shift This position is for 1st shift Equal Opportunity Employer: Boeing is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national origin, gender, sexual orientation, gender identity, age, physical or mental disability, genetic factors, military/veteran status or other characteristics protected by law.

About Blackhawk Network Today, through BHN’s single global platform, businesses of all kinds can tap into the world’s largest network of branded payment solutions. BHN helps businesses grow revenue, increase loyalty, motivate and reward their teams, disburse funds and engage consumers. Branded payment solutions include the issuance and distribution of gift cards, egifts, corporate payouts and rewards, along with the technology to deliver these products in seamless, integrated ways. BHN’s network spans the globe with more than 400,000 consumer touchpoints. Learn more at BHN.com. This position may be performed remotely anywhere within the United States except for the State of Alaska, North Dakota, or South Dakota. Employees located within 50 miles of a BHN office will be considered a "Hybrid" employee and are required to come into the office 2 days per week based on office schedule. Overview The Senior Enterprise Risk Manager at Blackhawk Network (BHN) oversees and implements the enterprise risk management (ERM) framework. This role works directly with BHN’s regulated entities and Group-level technology, financial, and operations teams to identify and assess risks related to technology, financial, operations and ensures regulatory compliance. This role requires strong analytical, communication, and leadership skills to advise senior executives and the Board on risk strategy. Responsibilities - Framework Development: Design, implement, and continuously improve the Enterprise Risk Management (ERM) framework, policies, and governance. - Influence global BHN partners to adopt and embed the stated Framework. - Risk Appetite: establish the level of risk the Regulated Entities are willing to take and keep the business wide risk register up to date and regularly reviewed. - Risk Assessment and Mitigation: Lead enterprise-wide risk assessments to identify potential vulnerabilities, analyse complex data, and develop mitigation plans for strategic, financial, operational, and compliance risks. - Reporting and Governance: Prepare and present executive- and board-level risk reporting, including key risk indicators (KRIs) and risk appetite statements, to senior leadership and risk committees. - Define risk metrics, KRIs and KPIs that align with Regulated Entity frameworks. - Create reporting processes, dashboards, and other risk reporting tailored to the relevant audience. - Facilitate the Enterprise Risk Committee including materials preparation and follow up actions. - Incident Management & Resilience: Support BHN incident management processes and ensure robust business continuity planning and disaster recovery. - Stakeholder Collaboration: Partner with cross-functional teams, including Product, Technology, Legal, Compliance, and Finance to embed risk management practices into daily operations and new initiatives. - Recommend risk-based design, controls, and processes for implementation and ongoing risk monitoring as part of BHN strategy. - May lead & mentor a team of ERM professionals, globally - Drives the implementation of corporate wide programs, policies & procedures as they relate to the ERM Framework. Qualifications - 12+ years experience or equivalent relevant Compliance and Risk Management experience. - Outstanding ability to lead, influence, and build consensus across different groups. Ability to communicate very well in writing and in person. - Understanding of requirements of Anti-Money Laundering regulations, USA PATRIOT Act, Bank Secrecy Act (BSA), OFAC and FinCEN rules as they relate to Money Services Businesses (MSBs). - Process-driven with the ability to design and implement solutions for increased efficiency and management oversight. - Excellent interpersonal skills with the ability to build collaborative relationships with various business units that play key roles in the regulatory reporting process or in the development of supporting systems - Ability to work in a fast-paced and dynamic environment with a drive to deliver outstanding results - Strategic and tactical analysis, consultative, decision making and communication skills. We seek candidates who not only demonstrate curiosity and adaptability in emerging technologies but have also successfully implemented and utilized AI tools to enhance their work, improve processes, or deliver measurable results. Our teams embrace continuous learning and the thoughtful integration of AI to create meaningful impact – for our employees and the future of work. Benefits Salary Range: $122,210.00 - $155,000.00. Pay is based on several factors including but not limited to education, work experience, certifications, etc. In addition to your salary, Blackhawk Network offers benefits including 401k with employer match, medical, dental, vision, 12 paid holidays throughout the year 2025, sick pay accrual according to state law, parental leave, life insurance, disability insurance, accident and illness insurance, health and dependent care flexible spending accounts, wellness benefits, and flexible time off for all full-time employees. EEO Statement Blackhawk Network provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. Blackhawk Network believes that diversity leads to strength. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.