Cyber Supply Chain Risk Management Specialist

at  Boeing

At Boeing, we innovate and collaborate to make the world a better place. From the seabed to outer space, you can contribute to work that matters with a company where diversity, equity and inclusion are shared values. We’re committed to fostering an environment for every teammate that’s welcoming, respectful and inclusive, with great opportunity for professional growth. Find your future with us.

EXPERIENCE AND QUALIFICATIONS:

To be eligible for this demanding position, the ideal candidate should demonstrate the following experience and qualifications:

REQUIRED EDUCATION AND YEARS OF EXPERIENCE:

• Education/experience typically acquired through advanced technical education (e.g. Bachelor) and typically 5 or more years’ related work experience or an equivalent combination of technical education and experience (e.g. PhD, Master+3 years’ related work experience, 9 years’ related work experience, etc.).

REQUIRED QUALIFICATIONS:

• Bachelor Degree and/or Military experience and/or Combination of education and work experience equivalent to 9 years.
• Secret clearance-US prestart
• Cybersecurity IAT/IAM Level 1 Certificate or higher IAT/IAM level: IAT Level 1.

DESIRED QUALIFICATIONS:

• Experience with Defense Acquisition Guidebook, Chapter 9, and the Trusted Systems Key Practices Guide
• Experience with IBM DOORS, or other requirements management programs.
• Various cyber related compliance standards: TEMPEST, DFARS Clause 252.204-7012, COMSEC, CNSSI 1253, DOD 8570, NIST 800-160, NIST 800-53 (and 53A), NIST 800-30, NIST 800-171, NIST 800-55, NIST 800-137, NIST 800-39.)
• Excellent team player with strong written and oral communication skills
• Confident in a fast-paced environment with competing priorities, and able to multi-task and manage expectations.
  Telework Availability: None
  This position requires the ability to obtain a US Security Clearance for which the US Government requires US Citizenship as a condition of employment. ( An interim and/or final U.S. Secret Clearance Pre-Start is required.)

SUMMARY PAY RANGE:

Please note that the information shown below is a general guideline only. Pay is based upon candidate experience and qualifications, as well as market and business considerations.
$87,200 - $130,800
BI&A is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race,color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.
Equal Employment Opportunity is the Law (PDF)

As a Cyber Supply Chain Risk Management Specialist, you will:

• Communicate and collaborate with key stakeholders across the enterprise in regards to cybersecurity related matters.
• Define and maintain policies, procedures, control objectives and publish implementation guidance.
• Define policy compliance measures and consult on regulatory compliance.
• Define and perform vulnerability assessments leveraging threat analysis, known vulnerabilities, and business value to scope and prioritize efforts.
• Identify the operational environment, the threat against it, the potential impact to it and the most likely courses of adversarial action upon it.
• Define and manage cybersecurity risk management processes.
• Perform due diligence for mergers and acquisitions, ensuring cybersecurity risks are escalated to the appropriate management level for action.
• Act as the primary cybersecurity interface to non-fully integrated subsidiaries, enabling technical interchange and consistent business priorities for Information Security efforts.
• Provide supply chain cybersecurity risk management requirements and collaborate with procurement agents and other Supply Chain functional representatives to implement supply chain cybersecurity.
• Perform cybersecurity risk management and/or policy development and deployment.
• Perform and participates in cybersecurity assessments and audits both in terms of controls and risks.
• Conduct vendor risk assessments using the Cyber Supply Chain Risk Management (C‑SCRM) processes
• Prepare, review, and present technical reports and briefings.
• Ensure compliance with C-SCRM policies and standards
• Develop and implement SCRM mitigation strategies.
• Identify and contribute to the identification of root causes, prioritize threats and recommend and/or implement corrective action.
• Develop and maintain effective, accurate, and timely reporting and metrics
• Provide technical guidance within a defined organizational team.
• Explore the enterprise for evolving state of knowledge and methods regarding cybersecurity best practices.
• Support the development of enterprise-wide cybersecurity policies, standards, guidelines and procedures that may reach across multiple stakeholder organizations.