Clearance Jobs
Senior Security Governance, Risk & Compliance (GRC) Analyst
Clearance Jobs - Washington, District Of Columbia, United States, 20310
Work at Clearance Jobs
Overview
- View job
Overview
Senior Security Governance, Risk & Compliance (GRC) Analyst
At Boeing, we innovate and collaborate to make the world a better place. We're committed to fostering an environment for every teammate that's welcoming, respectful and inclusive, with great opportunity for professional growth. Find your future with us. The Boeing Company is currently seeking a Senior Security Governance, Risk & Compliance (GRC) Analyst to join the team in Arlington, VA; Berkeley, MO; Chicago, IL; El Segundo, CA; Englewood, CO; Everett, WA; Kent, WA; Mesa, AZ; North Charleston, SC; Plano, TX; Ridley Park, PA; or Seal Beach, CA. The Senior Security GRC Analyst is responsible for leading and maturing Boeing's cybersecurity risk management program. This role involves identifying, assessing, and mitigating cyber threats and vulnerabilities to protect the organization's assets, data, and reputation. This role leads the development and guides effective adoption of enterprise security policies, procedures, and controls, while ensuring alignment with relevant regulations and industry best practices. The ideal candidate with be primarily responsible for managing and maintaining the ServiceNow GRC and Integrated Risk Management (IRM) module administration. This role focuses on configuration, administration, and ongoing support to ensure effective cybersecurity risk visibility and reporting striving for highest level of quality system of record as Boeing's enterprise GRC platform which involves active stakeholder engagement, implementation of system enhancements, and ensuring the platform's optimal and sustaining performance. This role requires a proactive and detail-oriented individual with a strong technical background and the ability to work effectively with diverse teams. This role is essential in ensuring Boeing's security and compliance posture is robust and aligned with business objectives. Position Responsibilities: Monitor, measure and report on cybersecurity risks and policy and regulatory compliance findings across the Boeing enterprise and globally Evaluate the effectiveness of existing security controls and recommend improvements or new controls to mitigate identified risks Ensure that the organization's cybersecurity practices align with relevant policies, regulations, and industry best practices Prepare detailed reports on risk assessments, incident investigations, and other security-related activities Lead the cybersecurity risk management lifecycle, including risk identification, assessment, remediation, and treatment Develop, implement, and maintain cybersecurity risk management policies, procedures, and frameworks Conduct and facilitate cyber security risk assessments, including threat assessments, vulnerability assessments, and impact assessments Communicate risk assessment findings, recommendations, and mitigation strategies to stakeholders, including senior management and business owners Identify, recommend, and implement appropriate security controls to mitigate identified risks Ensure compliance with relevant cybersecurity regulations, standards, and best practices Improve the effectiveness of the cybersecurity risk management program through ongoing monitoring, evaluation, and adjustments Basic Qualifications (Required Skills/Experience): 5+ years of experience with GRC and/or internal/external audit with a focus on technology and cybersecurity risk 5+ years of experience implementing and assessing controls within complex IT environments, including infrastructure, cloud, applications, identity, and security operations 5+ years of experience analyzing risk and issue data beyond surface-level symptoms to identify root causes, remediation gaps, and systemic weaknesses 5+ years of experience with common control and cyber risk management frameworks and methodologies (e.g., NIST 800-171, NIST CSF, ISO 27001, Australia ISM) 3+ years of experience as a systems administrator of ServiceNow GRC and IRM modules 3+ years of experience with cyber risk scorecards and building GRC dashboards Preferred Qualifications (Desired Skills/Experience): Bachelor's degree in Cybersecurity, Information Systems, Risk Management, or a related field Current industry certifications such as CRISC, CISSP, CISA, or CGEIT Experience working in highly regulated environments (e.g., aerospace, defense, financial services)
At Boeing, we innovate and collaborate to make the world a better place. We're committed to fostering an environment for every teammate that's welcoming, respectful and inclusive, with great opportunity for professional growth. Find your future with us. The Boeing Company is currently seeking a Senior Security Governance, Risk & Compliance (GRC) Analyst to join the team in Arlington, VA; Berkeley, MO; Chicago, IL; El Segundo, CA; Englewood, CO; Everett, WA; Kent, WA; Mesa, AZ; North Charleston, SC; Plano, TX; Ridley Park, PA; or Seal Beach, CA. The Senior Security GRC Analyst is responsible for leading and maturing Boeing's cybersecurity risk management program. This role involves identifying, assessing, and mitigating cyber threats and vulnerabilities to protect the organization's assets, data, and reputation. This role leads the development and guides effective adoption of enterprise security policies, procedures, and controls, while ensuring alignment with relevant regulations and industry best practices. The ideal candidate with be primarily responsible for managing and maintaining the ServiceNow GRC and Integrated Risk Management (IRM) module administration. This role focuses on configuration, administration, and ongoing support to ensure effective cybersecurity risk visibility and reporting striving for highest level of quality system of record as Boeing's enterprise GRC platform which involves active stakeholder engagement, implementation of system enhancements, and ensuring the platform's optimal and sustaining performance. This role requires a proactive and detail-oriented individual with a strong technical background and the ability to work effectively with diverse teams. This role is essential in ensuring Boeing's security and compliance posture is robust and aligned with business objectives. Position Responsibilities: Monitor, measure and report on cybersecurity risks and policy and regulatory compliance findings across the Boeing enterprise and globally Evaluate the effectiveness of existing security controls and recommend improvements or new controls to mitigate identified risks Ensure that the organization's cybersecurity practices align with relevant policies, regulations, and industry best practices Prepare detailed reports on risk assessments, incident investigations, and other security-related activities Lead the cybersecurity risk management lifecycle, including risk identification, assessment, remediation, and treatment Develop, implement, and maintain cybersecurity risk management policies, procedures, and frameworks Conduct and facilitate cyber security risk assessments, including threat assessments, vulnerability assessments, and impact assessments Communicate risk assessment findings, recommendations, and mitigation strategies to stakeholders, including senior management and business owners Identify, recommend, and implement appropriate security controls to mitigate identified risks Ensure compliance with relevant cybersecurity regulations, standards, and best practices Improve the effectiveness of the cybersecurity risk management program through ongoing monitoring, evaluation, and adjustments Basic Qualifications (Required Skills/Experience): 5+ years of experience with GRC and/or internal/external audit with a focus on technology and cybersecurity risk 5+ years of experience implementing and assessing controls within complex IT environments, including infrastructure, cloud, applications, identity, and security operations 5+ years of experience analyzing risk and issue data beyond surface-level symptoms to identify root causes, remediation gaps, and systemic weaknesses 5+ years of experience with common control and cyber risk management frameworks and methodologies (e.g., NIST 800-171, NIST CSF, ISO 27001, Australia ISM) 3+ years of experience as a systems administrator of ServiceNow GRC and IRM modules 3+ years of experience with cyber risk scorecards and building GRC dashboards Preferred Qualifications (Desired Skills/Experience): Bachelor's degree in Cybersecurity, Information Systems, Risk Management, or a related field Current industry certifications such as CRISC, CISSP, CISA, or CGEIT Experience working in highly regulated environments (e.g., aerospace, defense, financial services)