Senior Cybersecurity Third-Party Risk Analyst

Posted An Hour Ago
Be an Early Applicant
Hiring Remotely in Seattle, WA, USA
In-Office or Remote
129K-182K Annually
Senior level
Aerospace • Information Technology • Software • Cybersecurity • Design • Defense • Manufacturing
Explore New Horizons
The Role
Lead and perform technical third-party cybersecurity assessments, validate vendor evidence, and deliver prioritized remediation. Build and maintain automation (scripts, connectors, ETL), integrate with TPRM/GRC platforms, and develop agentic AI components. Drive lean process improvements, create technical assessment artifacts, tune scoring models, and collaborate with procurement, legal, security operations, and privacy to accelerate risk decisions and verification.
Summary Generated by Built In
Job Description
At Boeing, we innovate and collaborate to make the world a better place. We're committed to fostering an environment for every teammate that's welcoming, respectful and inclusive, with great opportunity for professional growth. Find your future with us.
We are seeking a highly experienced Senior Cybersecurity Third-Party Risk Analyst to perform advanced, technical assessments of third-party cyber risk and to design automation and process improvements using configuration, integration, and agentic AI capabilities. This senior individual contributor will focus on developing hands-on assessment processes to evaluate vendor controls, validate technical evidence, and drive remediation recommendations - while also building robust automation and configuration assets (scripts, connectors, playbooks, and AI agents) to scale assessment throughput, improve data quality, and accelerate risk decisions. A strong emphasis on lean process enhancement will ensure the program delivers higher velocity, lower waste, and measurable improvements in assessment quality and cycle time.
Though the position is primarily remote, there will be times to go into a Boeing facility. Candidates must live near a Boeing Facility or be willing to relocate at their own expense.
This position requires candidates to be a US Person (Green Card holder or US Citizen)
Key Responsibilities
  • Design & Execute end-to-end cybersecurity third-party assessments for strategic and high-risk vendors, including questionnaire reviews, technical evidence validation, architecture reviews, cloud configuration analysis, IAM assessments, encryption and key management reviews, logging/monitoring validation, and vulnerability/penetration test interpretation.
  • Produce repeatable processes that create clear, prioritized risk findings and remediation guidance tailored to vendor risk and business impact
  • Design, build, and maintain automated assessment capabilities: evidence collection scripts, API connectors, ETL pipelines, data validation routines, and integration points with TPRM/GRC platforms (Aravo, ServiceNow GRC, RSA Archer, OneTrust, etc.).
  • Develop and deploy agentic AI components (e.g., automated evidence triage, document ingestion and extraction, risk-scoring assistants, remediation suggestion agents) while ensuring safe, auditable, and privacy-preserving behavior.
  • Lead lean process improvement initiatives across the assessment lifecycle: map value streams, eliminate waste, reduce handoffs, optimize SLAs, and implement continuous improvement cycles to increase throughput and quality.
  • Create and maintain technical assessment artifacts: standardized templates, evidence matrices, technical checklists, assessment playbooks, and scoring rubrics that support repeatability and auditability.
  • Validate and tune automated scoring models and AI outputs; perform periodic calibration and manual reviews to ensure accuracy and reduce false positives/negatives.
  • Collaborate closely with Procurement, Legal, Security Operations/CIRT, Privacy, and other business stakeholders to ensure technical assessment findings map to contractual requirements and incident response expectations.
  • Support remediation verification and re-assessment - use automation to track evidence submission, validate fixes, and update risk status.
  • Maintain strong documentation & processes to support change management of automation logic, AI agent behaviors, data mappings, integration schemas
  • Stay current on emerging attack techniques, supply chain threats, automation best practices, responsible AI controls, and lean methods; propose and implement improvements.

Basic/Required Qualifications
  • 5+ years of cybersecurity experience with at least 3 years focused on third-party/vendor security assessments or equivalent technical assessment roles.
  • Deep hands-on expertise reviewing technical artifacts: cloud console evidence (AWS/Azure/GCP), architecture diagrams, IAM configurations, network security, encryption, logging/monitoring, vulnerability scans, and penetration test reports.
  • Proven ability to translate technical findings into concise executive-level summaries and remediation plans; excellent written and verbal communication skills.
  • Demonstrated experience applying lean principles or continuous improvement methods to operational processes - ability to run value stream mapping, define and measure waste, and implement sustainable improvements.
  • Comfortable working independently as a senior individual contributor and coordinating across technical and non-technical stakeholders; experience in agile environments and using agile tooling (ADO, JIRA).

Preferred Qualifications
  • Bachelor's degree in Computer Science, Information Security, Engineering, or related technical field; advanced degree (MS or equivalent) preferred.
  • Industry recognized security certifications (CISSP, CISM, CRISC) and/or cloud security certifications (AWS/Azure/GCP Security) preferred.
  • Strong configuration skills for security/TPRM tooling (Aravo, ServiceNow GRC, RSA Archer, OneTrust, or similar) including forms, workflows, scoring, and data model configuration.
  • Formal training or certification in Lean/Six Sigma, Kaizen, or similar continuous improvement methodologies.
  • Practical experience designing, training, or integrating agentic AI components (LLM orchestration, retrieval-augmented generation, agent frameworks) into security processes - able to implement guardrails, audit logging, and privacy controls.
  • Prior experience implementing AI governance for security use cases
  • Familiarity with software supply chain risk concepts (SBOMs)
  • Experience with SIEM/SOAR integrations, vulnerability management platforms, and continuous monitoring
  • Experience working in regulated industries (finance, aviation, healthcare, defense) or with global privacy/regulatory requirements (GDPR, CMMC, etc...).

Typical Education/Experience:
  • Education/experience typically acquired through advanced education (e.g. Associate) and typically 2 or more years' related work experience or an equivalent combination of education and experience (e.g. Bachelor+1 years' related work experience, 5 years' related work experience, etc.).

Relocation:
Relocation assistance is not a negotiable benefit for this position. Candidates must live in the immediate area of a Boeing facility or relocate at their own expense.
Drug Free Workplace:
Boeing is a Drug Free Workplace where post offer applicants and employees are subject to testing for marijuana, cocaine, opioids, amphetamines, PCP, and alcohol when criteria are met as outlined in our policies.
Pay & Benefits:
At Boeing, we strive to deliver a Total Rewards package that will attract, engage and retain the top talent. Elements of the Total Rewards package include competitive base pay and variable compensation opportunities.
The Boeing Company also provides eligible employees with an opportunity to enroll in a variety of benefit programs, generally including health insurance, flexible spending accounts, health savings accounts, retirement savings plans, life and disability insurance programs, and several programs that provide for both paid and unpaid time away from work.
The specific programs and options available to any given employee may vary depending on eligibility factors such as geographic location, date of hire, and the applicability of collective bargaining agreements.
Pay is based upon candidate experience and qualifications, as well as market and business considerations.
Pay Range is dependent on geographical location and experience:
Senior - $128,700 - $181,500
Applications for this position will be accepted until Jul. 15, 2026
Export Control Requirements:
This position must meet U.S. export control compliance requirements. To meet U.S. export control compliance requirements, a "U.S. Person" as defined by 22 C.F.R. §120.62 is required. "U.S. Person" includes U.S. Citizen, U.S. National, lawful permanent resident, refugee, or asylee.
Export Control Details:
US based job, US Person required
Relocation
Relocation assistance is not a negotiable benefit for this position.
Visa Sponsorship
Employer will not sponsor applicants for employment visa status.
Shift
This position is for 1st shift
Equal Opportunity Employer:
Boeing is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national origin, gender, sexual orientation, gender identity, age, physical or mental disability, genetic factors, military/veteran status or other characteristics protected by law.

Skills Required

  • 5+ years of cybersecurity experience with at least 3 years focused on third-party/vendor security assessments or equivalent technical assessment roles.
  • Hands-on expertise reviewing cloud console evidence and technical artifacts (AWS/Azure/GCP, architecture diagrams, IAM, network security, encryption, logging/monitoring, vulnerability scans, penetration test reports).
  • Proven ability to translate technical findings into concise executive-level summaries and remediation plans; excellent written and verbal communication skills.
  • Demonstrated experience applying lean principles or continuous improvement methods (value stream mapping, waste reduction, SLA optimization).
  • Experience working independently as a senior individual contributor and coordinating across technical and non-technical stakeholders; experience in agile environments and using agile tooling (ADO, JIRA).
  • Design, build, and maintain automated assessment capabilities including evidence collection scripts, API connectors, ETL pipelines, and integrations with TPRM/GRC platforms (Aravo, ServiceNow GRC, RSA Archer, OneTrust).
  • Develop and deploy agentic AI components (automated evidence triage, document ingestion/extraction, risk-scoring assistants) with safe, auditable, privacy-preserving controls.
  • Must be a U.S. Person (U.S. Citizen, lawful permanent resident/Green Card holder, refugee, or asylee) to meet export control compliance.
  • Candidates must live near a Boeing facility or be willing to relocate at their own expense; position is primarily remote but requires facility access at times.
  • Bachelor's degree in Computer Science, Information Security, Engineering, or related technical field (preferred).
  • Industry recognized security certifications (CISSP, CISM, CRISC) and/or cloud security certifications (AWS/Azure/GCP Security).
  • Strong configuration skills for security/TPRM tooling (Aravo, ServiceNow GRC, RSA Archer, OneTrust) including forms, workflows, scoring, and data model configuration.
  • Formal training or certification in Lean/Six Sigma, Kaizen, or similar continuous improvement methodologies.
  • Practical experience designing, training, or integrating agentic AI components (LLM orchestration, RAG, agent frameworks) into security processes, including guardrails and audit logging.
  • Familiarity with software supply chain risk concepts (SBOMs), SIEM/SOAR integrations, vulnerability management platforms, and continuous monitoring.
  • Experience working in regulated industries or with global privacy/regulatory requirements (GDPR, CMMC, aviation, finance, healthcare).

What the Team is Saying

Tori
Wilton
Dr. Amani

Boeing Compensation & Benefits Highlights

  • Retirement Support For most U.S. nonunion roles, the company matches 401(k) contributions with immediate vesting, and a student‑loan feature counts eligible payments toward earning the company match. Some union agreements also include robust retirement terms, combining a match up to a set percentage with an additional company contribution.
  • Parental & Family Support Paid parental leave is provided at full pay for birth, adoption, surrogacy, or foster placement, alongside adoption and surrogacy assistance. Family resources such as specialized health programs and backup child and elder care are available.
  • Healthcare Strength Coverage spans medical, dental, and vision plus mental‑health and specialty clinical programs (e.g., cancer support and centers of excellence), with many benefits beginning soon after hire. Virtual care, coaching, and access to licensed therapists are included.

Boeing Insights

Am I A Good Fit?
beta
Get Personalized Job Insights.
Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.

The Company
HQ: Arlington, VA
170,000 Employees
Year Founded: 1916

What We Do

A leading global aerospace company and top U.S. exporter, Boeing develops, manufactures and services commercial airplanes, defense products and space systems for customers in more than 150 countries. Our U.S. and global workforce and supplier base drive innovation, economic opportunity, sustainability and community impact. Boeing is committed to fostering a culture based on our core values of safety, quality and integrity.

Why Work With Us

Aerospace protects and connects people, enables economic growth and trade, provides humanitarian relief and allows for human exploration of space. Boeing collaborates globally to support responsible growth for our industry, and we invest in innovation that improves the efficiency and sustainability of air travel and our operations.

Gallery

Gallery
Gallery
Gallery
Gallery
Gallery
Gallery

Boeing Offices

OnSite Workspace

Typical time on-site:
HQArlington, VA
Albuquerque, NM
Auburn, WA
Bellevue, WA
Bengaluru, Karnataka
Berkeley, MO
Bristol, England
Chantilly, VA
Chennai, Tamil Nadu
Chicago, IL
Colorado Springs, CO
Everett, WA
Fort Worth, TX
Herndon, VA
Huntsville, AL
Hyderabad, Telangana
London, England
Los Angeles, CA
Melbourne, Victoria
Mesa, AZ
Mumbai, Maharastra
New Delhi, Delhi
New Orleans, LA
North Charleston, SC
Oklahoma City, OK
Pune, Maharashtra
Renton, WA
Richmond, British Columbia
São José dos Campos, São Paulo
Sydney, New South Wales
Tukwila, WA
Warsaw, Poland
Winnipeg, Manitoba
Learn more

Similar Jobs

Boeing Logo Boeing

US Domestic Regional Growth Director - Remote

Aerospace • Information Technology • Software • Cybersecurity • Design • Defense • Manufacturing
In-Office or Remote
Bingen, WA, USA
170000 Employees
184K-253K Annually

Boeing Logo Boeing

Trade Compliance Specialist 4 - Remote

Aerospace • Information Technology • Software • Cybersecurity • Design • Defense • Manufacturing
In-Office or Remote
Bingen, WA, USA
170000 Employees
99K-135K Annually

Boeing Logo Boeing

UAS Operator 3 (Remote/Deployed)

Aerospace • Information Technology • Software • Cybersecurity • Design • Defense • Manufacturing
In-Office or Remote
Bingen, WA, USA
170000 Employees
30-42 Hourly

Boeing Logo Boeing

UAS Operator 3 (Remote/Deployable)

Aerospace • Information Technology • Software • Cybersecurity • Design • Defense • Manufacturing
In-Office or Remote
Bingen, WA, USA
170000 Employees
30-42 Hourly

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account