Mid-Level Security Governance, Risk & Compliance (GRC) Analyst

Mid-Level Security Governance, Risk & Compliance (GRC) Analyst

Company:

The Boeing Company

The Boeing Company is currently seeking a Mid-Level Security Governance, Risk & Compliance (GRC) Analyst to join the team in Seattle, WA. 

As the Mid-Level Security Governance, Risk & Compliance (GRC) Analyst, you will drive and facilitate the execution of Boeing’s Security GRC program, drive awareness and compliance to delegated, statutory and organization policies and procedures including technical and administrative controls. This role leads the coordination on relevant projects associated with security risk reduction and ensures visibility of the results of security risk assessments and areas of non-compliance with recommended strategies for risk mitigations and remediation of control deficiencies. The role provides process improvements to risk management quality using operational metrics and Key Risk Indicators (KRIs) based on critical security events.

Position Responsibilities:

• Drive the execution and reporting of Security GRC strategic objectives and key results

• Maintains risk registers and ensures traceability from identification through mitigation or acceptance

• Implement and administer leading industry GRC applications and integration of other GRC-dependent tools, experience with ServiceNOW IRM/GRC

• Monitor compliance with security policies, procedures, and standards and implement corrective actions to address gaps or issues and partner with business units to ensure compliance considerations are incorporated into new project implementations

• Facilitate the security risk management lifecycle process, including identification, analysis, and remediation efforts

• Conduct security risk assessments, internal audits, technology assessments, security hygiene checks, and gap analysis against regulatory standards and frameworks (i.e., ISO/IEC 27001, NIST CSF, NIST SP 80-171, etc.)

• Provide executive level security risk burn-down reports to stakeholders and senior management supported by quantitative and qualitative estimates of risk for various business practices

• Provide guidance on key performance indicators (KPIs) and operational metrics to measure overall maturity of security risk and compliance across the key areas of risks (i.e., cloud, OT, supply-chain, etc.)

• Raise awareness of any high level or substantial risk or assessment findings to appropriate party in alignment with policies and processes, including potential impact on company revenue, security compliance, customer asset loss, and any cross-functional impact

• Establish formal Information Security Management Systems (ISMS) training program, management of assigned learning modules, ensuring training compliance and overall program maturity

• Complete agile project documentation throughout project lifecycle and to obtain appropriate approvals at each project phase and provide project reporting for various levels inclusive of metric oversight and analysis of project process

Basic Qualifications (Required Skills/Experience):

• 3+ years of experience with cybersecurity, information protection, and risk management

• 3+ years of experience in policies and implementation of Risk Management Framework (RMF)

• 1+ years of experience with the ServiceNow platform

Preferred Qualifications (Desired Skills/Experience):

• Bachelor’s degree in Cybersecurity, Information Systems, Risk Management, or a related field

• Current industry certifications such as CRISC, CISSP, CISA, or CGEIT

• Experience working in highly regulated environments (e.g., aerospace, defense, financial services)

Drug Free Workplace:

Boeing is a Drug Free Workplace where post offer applicants and employees are subject to testing for marijuana, cocaine, opioids, amphetamines, PCP, and alcohol when criteria is met as outlined in our policies.

Pay & Benefits:

At Boeing, we strive to deliver a Total Rewards package that will attract, engage and retain the top talent. Elements of the Total Rewards package include competitive base pay and variable compensation opportunities.  

The Boeing Company also provides eligible employees with an opportunity to enroll in a variety of benefit programs, generally including health insurance, flexible spending accounts, health savings accounts, retirement savings plans, life and disability insurance programs, and a number of programs that provide for both paid and unpaid time away from work.

The specific programs and options available to any given employee may vary depending on eligibility factors such as geographic location, date of hire, and the applicability of collective bargaining agreements.

Pay is based upon candidate experience and qualifications, as well as market and business considerations.

Summary pay range: $99,450 – $134,550

Language Requirements:

Not Applicable

Education:

Not Applicable

Relocation:

Relocation assistance is not a negotiable benefit for this position.

Export Control Requirement:

This is not an Export Control position.

Safety Sensitive:

This is not a Safety Sensitive Position.

Security Clearance:

This position requires the ability to obtain a U.S. Security Clearance for which the U.S. Government requires U.S. Citizenship. An interim and/or final U.S. Secret Clearance Post-Start is required.

Visa Sponsorship:

Employer will not sponsor applicants for employment visa status.

Contingent Upon Award Program

This position is not contingent upon program award

Shift:

Shift 1 (United States of America)

Stay safe from recruitment fraud! The only way to apply for a position at Boeing is via our Careers website. Learn how to protect yourself from recruitment fraud - Recruitment Fraud Warning

Boeing is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national origin, gender, sexual orientation, gender identity, age, physical or mental disability, genetic factors, military/veteran status or other characteristics protected by law.

EEO is the law

Boeing EEO Policy

Request an Accommodation

Applicant Privacy

Boeing Participates in E – Verify

• E-Verify (English)
• E-Verify (Spanish)

Right to Work Statement

• Right to Work (English)
• Right to Work (Spanish)