Job Description

At Boeing, we innovate and collaborate to make the world a better place. From the seabed to outer space, you can contribute to work that matters with a company where diversity, equity and inclusion are shared values. We’re committed to fostering an environment for every teammate that’s welcoming, respectful and inclusive, with great opportunity for professional growth. Find your future with us.

Job Description for Supply Chain Cybersecurity Manager (Level K):

At Boeing, we are all innovators on a mission to connect, protect, explore and inspire. From the seabed to outer space, you’ll learn and grow, contributing to work that shapes the world. Find your future with us.

Boeing’s Information Security organization is currently seeking a Supply Chain Cybersecurity Manager to join their leadership team in one of the following locations: Bellevue or Kent, WA; St. Louis, MO; Washington, DC; or Mesa, AZ. Other locations will be considered based on candidate credentials. The Supply Chain Cybersecurity Team partners with the Supply Chain function, Procurement Agents, Contracts, Boeing Legal, Business Partners, Supply Chain Risk & Compliance, and other IT functions to ensure Boeing’s information and systems are protected throughout supplier engagements, that suppliers have appropriate cybersecurity terms included in their contracts, and that suppliers are regularly assessed to better understand, manage, and mitigate the cybersecurity risk suppliers bring to the Boeing ecosystem.

The successful candidate will work in a fast-paced, high volume environment supporting Boeing’s enterprise procurement, cybersecurity, and risk management activities. They will use a data driven approach to identify and optimize existing program operations based on integrated organizational plans, policies, and procedures and will provide input into departmental business and technical strategies, goals, and objectives. The ideal candidate will communicate effectively with technical and non-technical individuals as well as with all levels of management and third parties, work autonomously, be a team player, have a strong understanding of information security and risk management principles, and be able to make solid, risk-based decisions in support of contract negotiations. They will develop and maintain relationships with customers, stakeholders, peers, partners, and direct reports and provide oversight and approval of technical and risk management approaches, products, and processes. The candidate will have a passion for mentoring, managing, and developing people and enabling organizational success by breaking down barriers and driving improvements into Boeing’s Cyber-Supply Chain Risk Management (C-SCRM) program.
 

Position Responsibilities:

• Drive the development and maintenance of an industry leading Cyber-Supply Chain Risk Management (C-SCRM) Program in coordination with senior leadership
• Manage the Supply Chain Cybersecurity statement of work, supporting an experienced team of supply chain cybersecurity specialists
• Establish and advance supplier cyber risk assessment processes and workflows through automated solutions and integration into established supply chain processes
• Understand and advance the adoption of compliance control and risk management frameworks such as NIST CSF, NIST SP 800-171, NIST SP 800-161, CMMC, and ISO 27001 and the creation of reports and dashboards to monitor the effectiveness of technical controls and risk
• Provide cybersecurity control requirements for suppliers based on internal cybersecurity and information protection requirements to effectively address risk from Boeing’s supply chain
• Provide guidance and oversight to the team as they develop supplier statements of work, score requests for information/proposal/solution, negotiate contract terms, and assess applicable cybersecurity controls
• Document and lead the identification of root cause analysis, prioritize threats, and recommend corrective actions to improve C-SCRM program maturity and reduce Boeing’s cybersecurity risk
• Assess, review, and present technical reports and briefings to all levels of leadership on cybersecurity controls implemented by current and potential suppliers
• Initiate and lead improvements in processes to address supply chain cybersecurity risks
• Manage the planning, acquisition, and coordination of resources needed to support the C-SCRM program
• Ensure overall operational budgets, schedules, and performance standards are realistically set and attained
• Generate requirements and analyze technical approach, statement of work, labor and deliverables for programs or projects to ensure quality solutions are delivered

Employer will not sponsor applicants for employment visa status.

Basic Qualifications (Required Skills/Experience):         

• 5+ years of experience with cybersecurity, information protection, risk management, and/or compliance
• 2+ years of experience with managing vendors, contracts, and/or working with supply chain processes or systems
• 1+ year of experience leading projects or people

Preferred Qualifications (Desired Skills/Experience):

• Bachelor\'s degree or higher
• Experience with Cyber-Supply Chain Risk Management programs
• Experience aligning operational capabilities to regulatory frameworks and compliance requirements (i.e., ISO, NIST, CMMC)
• Self-starter with strong time management skills to effectively work to, and meet deadlines
• Strong analytical, integration, teaming, and communication skills
• Experience with project management best practices

Typical Education & Experience:
Bachelor’s degree and typically 5 or more years’ related work experience or a Master’s degree with typically 3 or more years’ of related work experience or a PhD degree or an equivalent combination of education and experience.  Education and experience preferably shows a combination of technical fields such as mathematics, science, cybersecurity, or information technology and information protection, regulatory requirements, contracts, or the law.

Relocation:

This position does not offer relocation but it does allow for telecommuting. The selected candidate will be required to perform some work on-site at one of the listed location options on occasion.

Drug Free Workplace:

Boeing is a Drug Free Workplace where post offer applicants and employees are subject to testing for marijuana, cocaine, opioids, amphetamines, PCP, and alcohol when criteria is met as outlined in our policies. 

At Boeing, diversity, equity, and inclusion are enduring company values. We strive to live these values every day not only because it’s the right thing to do, but because our success depends on it. The company’s commitment to diversity and inclusion providing a work environment for all employees that is welcoming, respectful and equitable, with opportunities for personal and professional development.

Vaccination Requirements:

Boeing is implementing new requirements for employees to be fully vaccinated from COVID-19 or have an approved reasonable accommodation based on local legislation in several countries including U.S.-based employees. Please refer here for current vaccination and/or reasonable accommodation requirements, and timelines based on location.

Equal Opportunity Employer:

Boeing is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national origin, gender, sexual orientation, gender identity, age, physical or mental disability, genetic factors, military/veteran status or other characteristics protected by law.

Job Description for Supply Chain Cybersecurity Manager (Level K):

At Boeing, we are all innovators on a mission to connect, protect, explore and inspire. From the seabed to outer space, you’ll learn and grow, contributing to work that shapes the world. Find your future with us.

Boeing’s Information Security organization is currently seeking a Supply Chain Cybersecurity Manager to join their leadership team in one of the following locations: Bellevue or Kent, WA; St. Louis, MO; Washington, DC; or Mesa, AZ. Other locations will be considered based on candidate credentials. The Supply Chain Cybersecurity Team partners with the Supply Chain function, Procurement Agents, Contracts, Boeing Legal, Business Partners, Supply Chain Risk & Compliance, and other IT functions to ensure Boeing’s information and systems are protected throughout supplier engagements, that suppliers have appropriate cybersecurity terms included in their contracts, and that suppliers are regularly assessed to better understand, manage, and mitigate the cybersecurity risk suppliers bring to the Boeing ecosystem.

The successful candidate will work in a fast-paced, high volume environment supporting Boeing’s enterprise procurement, cybersecurity, and risk management activities. They will use a data driven approach to identify and optimize existing program operations based on integrated organizational plans, policies, and procedures and will provide input into departmental business and technical strategies, goals, and objectives. The ideal candidate will communicate effectively with technical and non-technical individuals as well as with all levels of management and third parties, work autonomously, be a team player, have a strong understanding of information security and risk management principles, and be able to make solid, risk-based decisions in support of contract negotiations. They will develop and maintain relationships with customers, stakeholders, peers, partners, and direct reports and provide oversight and approval of technical and risk management approaches, products, and processes. The candidate will have a passion for mentoring, managing, and developing people and enabling organizational success by breaking down barriers and driving improvements into Boeing’s Cyber-Supply Chain Risk Management (C-SCRM) program.
 

Position Responsibilities:

• Drive the development and maintenance of an industry leading Cyber-Supply Chain Risk Management (C-SCRM) Program in coordination with senior leadership
• Manage the Supply Chain Cybersecurity statement of work, supporting an experienced team of supply chain cybersecurity specialists
• Establish and advance supplier cyber risk assessment processes and workflows through automated solutions and integration into established supply chain processes
• Understand and advance the adoption of compliance control and risk management frameworks such as NIST CSF, NIST SP 800-171, NIST SP 800-161, CMMC, and ISO 27001 and the creation of reports and dashboards to monitor the effectiveness of technical controls and risk
• Provide cybersecurity control requirements for suppliers based on internal cybersecurity and information protection requirements to effectively address risk from Boeing’s supply chain
• Provide guidance and oversight to the team as they develop supplier statements of work, score requests for information/proposal/solution, negotiate contract terms, and assess applicable cybersecurity controls
• Document and lead the identification of root cause analysis, prioritize threats, and recommend corrective actions to improve C-SCRM program maturity and reduce Boeing’s cybersecurity risk
• Assess, review, and present technical reports and briefings to all levels of leadership on cybersecurity controls implemented by current and potential suppliers
• Initiate and lead improvements in processes to address supply chain cybersecurity risks
• Manage the planning, acquisition, and coordination of resources needed to support the C-SCRM program
• Ensure overall operational budgets, schedules, and performance standards are realistically set and attained
• Generate requirements and analyze technical approach, statement of work, labor and deliverables for programs or projects to ensure quality solutions are delivered

Employer will not sponsor applicants for employment visa status.

Basic Qualifications (Required Skills/Experience):         

• 5+ years of experience with cybersecurity, information protection, risk management, and/or compliance
• 2+ years of experience with managing vendors, contracts, and/or working with supply chain processes or systems
• 1+ year of experience leading projects or people

Preferred Qualifications (Desired Skills/Experience):

• Bachelor\'s degree or higher
• Experience with Cyber-Supply Chain Risk Management programs
• Experience aligning operational capabilities to regulatory frameworks and compliance requirements (i.e., ISO, NIST, CMMC)
• Self-starter with strong time management skills to effectively work to, and meet deadlines
• Strong analytical, integration, teaming, and communication skills
• Experience with project management best practices

Typical Education & Experience:
Bachelor’s degree and typically 5 or more years’ related work experience or a Master’s degree with typically 3 or more years’ of related work experience or a PhD degree or an equivalent combination of education and experience.  Education and experience preferably shows a combination of technical fields such as mathematics, science, cybersecurity, or information technology and information protection, regulatory requirements, contracts, or the law.

Relocation:

This position does not offer relocation but it does allow for telecommuting. The selected candidate will be required to perform some work on-site at one of the listed location options on occasion.

Drug Free Workplace:

Boeing is a Drug Free Workplace where post offer applicants and employees are subject to testing for marijuana, cocaine, opioids, amphetamines, PCP, and alcohol when criteria is met as outlined in our policies. 

At Boeing, diversity, equity, and inclusion are enduring company values. We strive to live these values every day not only because it’s the right thing to do, but because our success depends on it. The company’s commitment to diversity and inclusion providing a work environment for all employees that is welcoming, respectful and equitable, with opportunities for personal and professional development.

Experience Level
Manager

Contingent Upon Program Award
No, this position is not contingent upon program award