Senior Cybersecurity Third-Party Risk Analyst
Company: Boeing
Location: Seattle
Posted on: April 2, 2026
|
|
|
Job Description:
Senior Cybersecurity Third-Party Risk Analyst Company: The
Boeing Company We are seeking a highly experienced Senior
Cybersecurity Third-Party Risk Analyst to perform advanced,
technical assessments of third-party cyber risk and to design
automation and process improvements using configuration,
integration, and agentic AI capabilities. This senior individual
contributor will focus on developing hands-on assessment processes
to evaluate vendor controls, validate technical evidence, and drive
remediation recommendations - while also building robust automation
and configuration assets (scripts, connectors, playbooks, and AI
agents) to scale assessment throughput, improve data quality, and
accelerate risk decisions. A strong emphasis on lean process
enhancement will ensure the program delivers higher velocity, lower
waste, and measurable improvements in assessment quality and cycle
time. Though the position is primarily remote, there will be times
to go into a Boeing facility. Candidates must live near a Boeing
Facility or be willing to relocate at their own expense. This
position requires candidates to be a US Person (Green Card holder
or US Citizen) Key Responsibilities Design & Execute end-to-end
cybersecurity third-party assessments for strategic and high-risk
vendors, including questionnaire reviews, technical evidence
validation, architecture reviews, cloud configuration analysis, IAM
assessments, encryption and key management reviews,
logging/monitoring validation, and vulnerability/penetration test
interpretation. Produce repeatable processes that create clear,
prioritized risk findings and remediation guidance tailored to
vendor risk and business impact Design, build, and maintain
automated assessment capabilities: evidence collection scripts, API
connectors, ETL pipelines, data validation routines, and
integration points with TPRM/GRC platforms (Aravo, ServiceNow GRC,
RSA Archer, OneTrust, etc.). Develop and deploy agentic AI
components (e.g., automated evidence triage, document ingestion and
extraction, risk-scoring assistants, remediation suggestion agents)
while ensuring safe, auditable, and privacy-preserving behavior.
Lead lean process improvement initiatives across the assessment
lifecycle: map value streams, eliminate waste, reduce handoffs,
optimize SLAs, and implement continuous improvement cycles to
increase throughput and quality. Create and maintain technical
assessment artifacts: standardized templates, evidence matrices,
technical checklists, assessment playbooks, and scoring rubrics
that support repeatability and auditability. Validate and tune
automated scoring models and AI outputs; perform periodic
calibration and manual reviews to ensure accuracy and reduce false
positives/negatives. Collaborate closely with Procurement, Legal,
Security Operations/CIRT, Privacy, and other business stakeholders
to ensure technical assessment findings map to contractual
requirements and incident response expectations. Support
remediation verification and re-assessment - use automation to
track evidence submission, validate fixes, and update risk status.
Maintain strong documentation & processes to support change
management of automation logic, AI agent behaviors, data mappings,
integration schemas Stay current on emerging attack techniques,
supply chain threats, automation best practices, responsible AI
controls, and lean methods; propose and implement improvements.
Basic/Required Qualifications 5 years of cybersecurity experience
with at least 3 years focused on third-party/vendor security
assessments or equivalent technical assessment roles. Deep hands-on
expertise reviewing technical artifacts: cloud console evidence
(AWS/Azure/GCP), architecture diagrams, IAM configurations, network
security, encryption, logging/monitoring, vulnerability scans, and
penetration test reports. Proven ability to translate technical
findings into concise executive-level summaries and remediation
plans; excellent written and verbal communication skills.
Demonstrated experience applying lean principles or continuous
improvement methods to operational processes - ability to run value
stream mapping, define and measure waste, and implement sustainable
improvements. Comfortable working independently as a senior
individual contributor and coordinating across technical and
non-technical stakeholders; experience in agile environments and
using agile tooling (ADO, JIRA). Preferred Qualifications ?
Bachelor’s degree in Computer Science, Information Security,
Engineering, or related technical field; advanced degree (MS or
equivalent) preferred. Industry recognized security certifications
(CISSP, CISM, CRISC) and/or cloud security certifications
(AWS/Azure/GCP Security) preferred. Strong configuration skills for
security/TPRM tooling (Aravo, ServiceNow GRC, RSA Archer, OneTrust,
or similar) including forms, workflows, scoring, and data model
configuration. Formal training or certification in Lean/Six Sigma,
Kaizen, or similar continuous improvement methodologies. Practical
experience designing, training, or integrating agentic AI
components (LLM orchestration, retrieval-augmented generation,
agent frameworks) into security processes - able to implement
guardrails, audit logging, and privacy controls. Prior experience
implementing AI governance for security use cases Familiarity with
software supply chain risk concepts (SBOMs) Experience with
SIEM/SOAR integrations, vulnerability management platforms, and
continuous monitoring Experience working in regulated industries
(finance, aviation, healthcare, defense) or with global
privacy/regulatory requirements (GDPR, CMMC, etc). Typical
Education/Experience: Education/experience typically acquired
through advanced education (e.g. Associate) and typically 2 or more
years' related work experience or an equivalent combination of
education and experience (e.g. Bachelor1 years' related work
experience, 5 years' related work experience, etc.). Relocation:
Relocation assistance is not a negotiable benefit for this
position. Candidates must live in the immediate area of a Boeing
facility or relocate at their own expense. Drug Free Workplace:
Boeing is a Drug Free Workplace where post offer applicants and
employees are subject to testing for marijuana, cocaine, opioids,
amphetamines, PCP, and alcohol when criteria are met as outlined in
our policies. Pay & Benefits: At Boeing, we strive to deliver a
Total Rewards package that will attract, engage and retain the top
talent. Elements of the Total Rewards package include competitive
base pay and variable compensation opportunities. The Boeing
Company also provides eligible employees with an opportunity to
enroll in a variety of benefit programs, generally including health
insurance, flexible spending accounts, health savings accounts,
retirement savings plans, life and disability insurance programs,
and several programs that provide for both paid and unpaid time
away from work. The specific programs and options available to any
given employee may vary depending on eligibility factors such as
geographic location, date of hire, and the applicability of
collective bargaining agreements. Pay is based upon candidate
experience and qualifications, as well as market and business
considerations. Pay Range is dependent on geographical location and
experience: Senior - $128,700 - $181,500 Language Requirements: Not
Applicable Education: Not Applicable Relocation: Relocation
assistance is not a negotiable benefit for this position. Export
Control Requirement: This position must meet U.S. export control
compliance requirements. To meet U.S. export control compliance
requirements, a “U.S. Person” as defined by 22 C.F.R. §120.62 is
required. “U.S. Person” includes U.S. Citizen, U.S. National,
lawful permanent resident, refugee, or asylee. Safety Sensitive:
This is not a Safety Sensitive Position. Security Clearance: This
position does not require a Security Clearance. Visa Sponsorship:
Employer will not sponsor applicants for employment visa status.
Contingent Upon Award Program This position is not contingent upon
program award Shift: Shift 1 (United States of America) Stay safe
from recruitment fraud! The only way to apply for a position at
Boeing is via our Careers website. Learn how to protect yourself
from recruitment fraud - Recruitment Fraud Warning Boeing is an
Equal Opportunity Employer. Employment decisions are made without
regard to race, color, religion, national origin, gender, sexual
orientation, gender identity, age, physical or mental disability,
genetic factors, military/veteran status or other characteristics
protected by law. EEO is the law Boeing EEO Policy Request an
Accommodation Applicant Privacy Boeing Participates in E – Verify
E-Verify (English) E-Verify (Spanish) Right to Work Statement Right
to Work (English) Right to Work (Spanish)
Keywords: Boeing, Seattle , Senior Cybersecurity Third-Party Risk Analyst, IT / Software / Systems , Seattle, Washington
