Boeing logo
Boeing

A leading global aerospace company and top U.S. exporter, Boeing develops, manufactures and services commercial airplanes, defense products and space systems for customers in more than 150 countries. Our U.S. and global workforce and supplier base drive innovation, economic opportunity, sustainability and community impact. Boeing is committed to fostering a culture based on our core values of safety, quality and integrity.

Senior Cybersecurity Third-Party Risk Analyst

Security EngineerSecurity EngineerFull TimeRemoteSeniorTeam 10,001+Since 1916H1B SponsorCompany SiteLinkedIn

Location

Washington

Posted

18 hours ago

Salary

$128.7K - $181.5K / year

Seniority

Senior

English

Job Description

Senior Cybersecurity Third-Party Risk Analyst

Boeing

Job Description At Boeing, we innovate and collaborate to make the world a better place. We're committed to fostering an environment for every teammate that's welcoming, respectful and inclusive, with great opportunity for professional growth. Find your future with us. We are seeking a highly experienced Senior Cybersecurity Third-Party Risk Analyst to perform advanced, technical assessments of third-party cyber risk and to design automation and process improvements using configuration, integration, and agentic AI capabilities. This senior individual contributor will focus on developing hands-on assessment processes to evaluate vendor controls, validate technical evidence, and drive remediation recommendations - while also building robust automation and configuration assets (scripts, connectors, playbooks, and AI agents) to scale assessment throughput, improve data quality, and accelerate risk decisions. A strong emphasis on lean process enhancement will ensure the program delivers higher velocity, lower waste, and measurable improvements in assessment quality and cycle time. Though the position is primarily remote, there will be times to go into a Boeing facility. Candidates must live near a Boeing Facility or be willing to relocate at their own expense. This position requires candidates to be a US Person (Green Card holder or US Citizen) Key Responsibilities - Design & Execute end-to-end cybersecurity third-party assessments for strategic and high-risk vendors, including questionnaire reviews, technical evidence validation, architecture reviews, cloud configuration analysis, IAM assessments, encryption and key management reviews, logging/monitoring validation, and vulnerability/penetration test interpretation. - Produce repeatable processes that create clear, prioritized risk findings and remediation guidance tailored to vendor risk and business impact - Design, build, and maintain automated assessment capabilities: evidence collection scripts, API connectors, ETL pipelines, data validation routines, and integration points with TPRM/GRC platforms (Aravo, ServiceNow GRC, RSA Archer, OneTrust, etc.). - Develop and deploy agentic AI components (e.g., automated evidence triage, document ingestion and extraction, risk-scoring assistants, remediation suggestion agents) while ensuring safe, auditable, and privacy-preserving behavior. - Lead lean process improvement initiatives across the assessment lifecycle: map value streams, eliminate waste, reduce handoffs, optimize SLAs, and implement continuous improvement cycles to increase throughput and quality. - Create and maintain technical assessment artifacts: standardized templates, evidence matrices, technical checklists, assessment playbooks, and scoring rubrics that support repeatability and auditability. - Validate and tune automated scoring models and AI outputs; perform periodic calibration and manual reviews to ensure accuracy and reduce false positives/negatives. - Collaborate closely with Procurement, Legal, Security Operations/CIRT, Privacy, and other business stakeholders to ensure technical assessment findings map to contractual requirements and incident response expectations. - Support remediation verification and re-assessment - use automation to track evidence submission, validate fixes, and update risk status. - Maintain strong documentation & processes to support change management of automation logic, AI agent behaviors, data mappings, integration schemas - Stay current on emerging attack techniques, supply chain threats, automation best practices, responsible AI controls, and lean methods; propose and implement improvements. Basic/Required Qualifications - 5+ years of cybersecurity experience with at least 3 years focused on third-party/vendor security assessments or equivalent technical assessment roles. - Deep hands-on expertise reviewing technical artifacts: cloud console evidence (AWS/Azure/GCP), architecture diagrams, IAM configurations, network security, encryption, logging/monitoring, vulnerability scans, and penetration test reports. - Proven ability to translate technical findings into concise executive-level summaries and remediation plans; excellent written and verbal communication skills. - Demonstrated experience applying lean principles or continuous improvement methods to operational processes - ability to run value stream mapping, define and measure waste, and implement sustainable improvements. - Comfortable working independently as a senior individual contributor and coordinating across technical and non-technical stakeholders; experience in agile environments and using agile tooling (ADO, JIRA). Preferred Qualifications - Bachelor's degree in Computer Science, Information Security, Engineering, or related technical field; advanced degree (MS or equivalent) preferred. - Industry recognized security certifications (CISSP, CISM, CRISC) and/or cloud security certifications (AWS/Azure/GCP Security) preferred. - Strong configuration skills for security/TPRM tooling (Aravo, ServiceNow GRC, RSA Archer, OneTrust, or similar) including forms, workflows, scoring, and data model configuration. - Formal training or certification in Lean/Six Sigma, Kaizen, or similar continuous improvement methodologies. - Practical experience designing, training, or integrating agentic AI components (LLM orchestration, retrieval-augmented generation, agent frameworks) into security processes - able to implement guardrails, audit logging, and privacy controls. - Prior experience implementing AI governance for security use cases - Familiarity with software supply chain risk concepts (SBOMs) - Experience with SIEM/SOAR integrations, vulnerability management platforms, and continuous monitoring - Experience working in regulated industries (finance, aviation, healthcare, defense) or with global privacy/regulatory requirements (GDPR, CMMC, etc...). Typical Education/Experience: - Education/experience typically acquired through advanced education (e.g. Associate) and typically 2 or more years' related work experience or an equivalent combination of education and experience (e.g. Bachelor+1 years' related work experience, 5 years' related work experience, etc.). Relocation: Relocation assistance is not a negotiable benefit for this position. Candidates must live in the immediate area of a Boeing facility or relocate at their own expense. Drug Free Workplace: Boeing is a Drug Free Workplace where post offer applicants and employees are subject to testing for marijuana, cocaine, opioids, amphetamines, PCP, and alcohol when criteria are met as outlined in our policies. Pay & Benefits: At Boeing, we strive to deliver a Total Rewards package that will attract, engage and retain the top talent. Elements of the Total Rewards package include competitive base pay and variable compensation opportunities. The Boeing Company also provides eligible employees with an opportunity to enroll in a variety of benefit programs, generally including health insurance, flexible spending accounts, health savings accounts, retirement savings plans, life and disability insurance programs, and several programs that provide for both paid and unpaid time away from work. The specific programs and options available to any given employee may vary depending on eligibility factors such as geographic location, date of hire, and the applicability of collective bargaining agreements. Pay is based upon candidate experience and qualifications, as well as market and business considerations. Pay Range is dependent on geographical location and experience: Senior - $128,700 - $181,500 Applications for this position will be accepted until Jul. 15, 2026 Export Control Requirements: This position must meet U.S. export control compliance requirements. To meet U.S. export control compliance requirements, a "U.S. Person" as defined by 22 C.F.R. §120.62 is required. "U.S. Person" includes U.S. Citizen, U.S. National, lawful permanent resident, refugee, or asylee. Export Control Details: US based job, US Person required Relocation Relocation assistance is not a negotiable benefit for this position. Visa Sponsorship Employer will not sponsor applicants for employment visa status. Shift This position is for 1st shift Equal Opportunity Employer: Boeing is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national origin, gender, sexual orientation, gender identity, age, physical or mental disability, genetic factors, military/veteran status or other characteristics protected by law.

Related Categories

Related Job Pages

More Security Engineer Jobs

CDW logo

Principal Solutions Executive - Security

CDW

CDW is a Fortune 500 IT services company providing solutions for more than 250,000 clients across North America and the United Kingdom. Serving small and large

Security Engineer19 hours ago
Full TimeRemoteTeam 15,100Since 1984

Title: Principal Solutions Executive - Security - Northeast Location: Virtual, NJ, United States Job ID: R26_00000898 Team: Sales Focus Area: Business Development Remote Type: Remote Job Description: Description CDW Security is the business unit within CDW, Inc. built to help customers feel confident as they address security challenges and strive for impactful business outcomes. We maintain industry-leading expertise in the areas of strategy, risk, compliance, identity and access management, data privacy, secure infrastructure, and workforce development, to name a few. The products and services related to this expertise provide CDW clients everything needed to develop and mature effective security programs. As part of the Security Solutions Executive team, you will be responsible for selling security services and products. The Security Solutions Executive is expected to enhance CDW Security’s presence, market share, and revenue growth in the cybersecurity market. Specifically, you will support the sales team with full sales lifecycle management through strategic account planning, research, opportunity management, relationship-building, partnering with services teams and OEM vendors, pursuit, and closure. What you will do: - Develop and execute successful strategies that expand CDW Security’s customer base and achieve bookings, revenue, and gross profit targets. - Establish a detailed, comprehensive understanding of all capabilities, service offerings, value proposition, market positioning, selling strategy and process, as well as key differentiators. - Cultivate productive relationships with key personnel in current and targeted accounts. - Identify, engage, qualify, develop, and earn new clients. - Manage, support, and grow relationships as part of the extended sales team with prospects and clients as a consultative seller. - Network with a broad range of client organizations and leadership in key fields, including: Information Technology, Information Security, Finance, Internal Audit, Data Privacy, Compliance, and Legal, Enterprise Risk Management, Procurement / Supply Chain Management. - Proactively coordinate with other CDW Security resources to drive sales cycles, meet company objectives, and exceed client expectations. These key internal resources include Subject Matter Experts, Practice Leadership, Sales Management and Marketing. - Build strong relationships with the partner community to identify opportunities for CDW and those partners. - Understand industry landscapes and follow trends that impact our clients’ business risk, strategic decision-making, and budget planning and expenditure. - Provide accurate sales pipeline updates and forecasts. - Proactively populate and maintain all information in Salesforce. - Provide onboarding support and mentorship to entry level Security Solutions Executives. - Enhance CDW Security’s and your personal brand through participation at industry events, speaking engagements, blogging and other forms of acceptable public communication. - Proactively work with marketing to develop regional events that attract senior leadership from key accounts and prospects. What we expect of you: - Bachelor's Degree and 10+ years experience identifying opportunities and full lifecycle management for security services and products and/or equivalent experience as a security practitioner OR 14+ years experience identifying opportunities and full lifecycle management for security services and products and/or equivalent experience as a security. - Mastery of at least four of the security focus areas in the security portfolio: Identity and Access Management, Security Program Development Privacy, Risk and Compliance, Third-Party Risk Management, Threat and Vulnerability Management, Cyber Workforce Development, Cloud Security, Secure Infrastructure, Physical Security, Emerging Security Technologies.= - Experience with enterprise sales, with both strategic planning and day-to-day execution. - Proven performance record with demonstrated year-over-year metrics. - Successful record of meeting or exceeding sales goals. - Ability to take personal ownership of professional goals and achieve financial targets. - Strong ambition and sense of urgency. - Energetic networker and relationship-builder. - Ability to work with and effectively coordinate across extended internal teams and partners. - Excellent, professional written and verbal communication and interpersonal skills. - Ability to travel as needed for customer meetings and to develop/maintain partner relationships. Pay range: $100,000 - $140,000, depending on experience and skill set Annual bonus target of $30,000 subject to terms and conditions of plan Additionally, uncapped commission subject to terms and conditions of plan Salary ranges may be subject to geographic differentials CDW is committed to being an AI-fluent organization We’re looking for people who bring curiosity, a learner’s mindset, and a willingness to engage with ever-evolving technology and tools. We value adopting AI as a partner, openness to experimentation, and a shared interest in learning together on AI. Our goal is to create a culture where AI enhances—not replaces—human creativity and decision-making. You don’t need to be an expert today; what matters is your readiness to explore, adapt, and grow with us as we integrate AI responsibly and effectively into our work. Additionally, CDW is committed to fostering an equitable, transparent, and respectful hiring process for all applicants. During our application process, our goal is to understand your experience, strengths, skills, and qualifications. As an AI forward company, we see AI not just as a tool, but as a catalyst for new ways of thinking, creating, and communicating. We encourage candidates to embrace an AI mindset, one that’s curious, adaptive, and ready to explore what’s possible. We welcome thoughtful use of AI to expand your perspective and elevate how you share your story, while ensuring your application remains rooted in your own background, judgment, and voice. About Us CDW is a Fortune 500 technology solutions provider that helps businesses, government, education, and healthcare organizations achieve what’s possible through technology. What makes CDW different isn’t just what we do—it’s how we do it. At CDW we act as one—building trust, speaking candidly, and working together to achieve more. We play to win—focusing on what matters most and delivering for our customers. And we think forward—staying curious, moving fast, and continuously learning. We believe meaningful work happens when people feel supported, heard, and empowered to contribute. That’s why we think of ourselves as coworkers, not just employees—working together to solve complex challenges and deliver real impact for our customers and communities. As a full‑stack, full‑lifecycle technology partner, CDW brings deep expertise, strong relationships, and broad industry knowledge to help turn ideas into outcomes. When you join CDW, you become part of a collaborative environment where your work matters, your growth is supported, and your contributions help shape what’s next. CDW is an equal opportunity employer. All qualified applicants will receive consideration for employment without regards to race, color, religion, sex, sexual orientation, gender identity, national origin, disability status, protected veteran status or any other basis prohibited by state and local law.

New Jersey
$160K - $192K / year
Full TimeRemoteTeam 201-500H1B No Sponsor

• Conduct risk assessments and ensure compliance with relevant Australian cybersecurity regulations and standards (e.g., Privacy Act, ASD Essential 8, ISO 27001). • Manage third-party security risks and support internal governance processes. • Monitor security events, lead incident response efforts, and investigate potential threats to minimize impact on client operations and ensure timely resolution. • Develop and enforce cybersecurity policies, deliver security training to staff and clients, and promote a culture of awareness and shared responsibility for information security. • Identify vulnerabilities, manage patching processes, and advise on the design of secure infrastructure solutions aligned with Australian best practices. • Develop and maintain business continuity and disaster recovery plans. Collaborate with internal teams and prepare clear, actionable security reports for clients and stakeholders.

Australia
Full TimeRemoteTeam 201-500H1B No Sponsor

• Develop and implement security policies and procedures for project environments, ensuring alignment with industry standards and government guidelines (PSPF, ISM). • Monitor, assess, and manage vulnerabilities in systems and applications, and configure security tools like firewalls, IDS, and anti-malware software in collaboration with IT. • Create and maintain documentation for security protocols, incident response plans, and guidelines to ensure consistency and compliance across projects. • Stay current with cybersecurity trends and deliver security awareness training to foster a proactive security culture among stakeholders and partners. • Lead incident response efforts, including containment, eradication, recovery, and communication of risks and solutions to improve security practices. • Conduct comprehensive cyber risk assessments of systems and technologies to ensure compliance with government policies and enhance overall security posture. • Continuously improve cybersecurity services by implementing new strategies, tools, and best practices to stay ahead of emerging threats. • Manage and maintain agreed service levels, ensuring that cyber security operations align with organisational goals.

Australia
Uber logo

Staff AI Security Engineer

Uber

Uber is a transportation company that has developed a mobile app to connect passengers with drivers. As an employer, Uber believes in the power to "shape the wo

Security Engineer19 hours ago

Title: Staff AI Security Engineer - (Agentic Systems) Locations: San Francisco, California / Seattle, Washington / Sunnyvale, California / New York City, New York Team Engineer Subteam Software Engineering Hybrid Job Description: About the Role Our mission is to protect, defend, and secure Uber's products, infrastructure, and data by building highly available, scalable, and extensible security solutions and services. We are seeking a Staff Security Engineer to join the Cyber Defense team to drive the development of our next-generation security platforms focused on leveraging AI/ML/GenAI. In this role, you will be a passionate and pragmatic technologist, designing scalable systems while delivering high-quality code. You will architect and implement industry-leading security solutions, including the AI-orchestrated attack platform and autonomous security agents, to stay ahead of sophisticated, AI-driven threats. As a Staff Engineer, you are not only a technical role model but also an empathic leader and humble teacher, mentoring a team of passionate engineers while delivering uniquely challenging projects. ---- What the Candidate Will Do ---- - AI-Driven Red Teaming Platform: Architect and implement the end-to-end AI-driven red teaming platform to automate threat intelligence processing, vulnerability research, and attack execution. - Agentic Incident Response: Design and build autonomous security agents for threat hunting and incident triage/response to achieve defense at machine speed. - Secure AI Environment: Define and maintain secure, air-gapped environments for the safe development and execution of advanced AI/ML models for adversary simulations. - Technical Leadership: Set technical direction for specific projects by identifying priorities, managing expectations, and considering tradeoffs. - Engineering Excellence: Champion best software engineering practices and empower teams to build a culture of quality and operational excellence. - Cross-Functional Collaboration: Partner with IT, product, and various security teams to integrate security posture improvements across the entire environment. ---- Basic Qualifications ---- - BS/MS Degree in Computer Science, Engineering, or a related field. - 7+ years of industry experience in a software development or security engineering environment. - Proficiency in programming languages such as Golang, Java, or Python. - Deep understanding of distributed systems, high-availability, and high-performance system design. - Hands-on experience with Cyber Defense such as incident response, investigation, and threat detection. ---- Preferred Qualifications ---- - Master's Degree or PhD in Computer Science, Engineering, Information Security or a related field. - Prior experience in Red Teaming, building AI-driven attack tools, threat detection, and incident response. - Deep experience incorporating GenAI agents into production security services, specifically for automation or vulnerability discovery. - In-depth knowledge of security software frameworks, including EDR solutions (e.g., CrowdStrike, SentinelOne) and SIEM platforms (e.g., Splunk, Chronicle). - Strong understanding of security frameworks and standards (e.g., NIST CSF, ISO 27001). For New York, NY-based roles: The base salary range for this role is USD$232,000 per year - USD$258,000 per year. For San Francisco, CA-based roles: The base salary range for this role is USD$232,000 per year - USD$258,000 per year. For Seattle, WA-based roles: The base salary range for this role is USD$232,000 per year - USD$258,000 per year. For Sunnyvale, CA-based roles: The base salary range for this role is USD$232,000 per year - USD$258,000 per year. For all US locations, you will be eligible to participate in Uber's bonus program, and may be offered an equity award & other types of comp. All full-time employees are eligible to participate in a 401(k) plan. You will also be eligible for various benefits. Uber's mission is to reimagine the way the world moves for the better. Here, bold ideas create real-world impact, challenges drive growth, and speed fuels progress. What moves us, moves the world - let's move it forward, together. Uber is proud to be an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by law. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you have a disability or special need that requires accommodation, please let us know by completing this form. Offices continue to be central to collaboration and Uber's cultural identity. Unless formally approved to work fully remotely, Uber expects employees to spend at least half of their work time in their assigned office. For certain roles, such as those based at green-light hubs, employees are expected to be in-office for 100% of their time.

California + 2 moreAll locations: California | Washington | New York
$232K - $258K / year