Let’s get started
By clicking ‘Next’, I agree to the Terms of Service
and Privacy Policy, and consent to receive emails from Rise
Jobs / Job page
Senior Supply Chain Cybersecurity Specialist image - Rise Careers
Job details

Senior Supply Chain Cybersecurity Specialist - job 1 of 2

Senior Supply Chain Cybersecurity Specialist

Company:

The Boeing Company

The Boeing Company’s Third-Party Risk & Resilience Program Management Office, operating within the Boeing Enterprise Security organization, is currently seeking a Senior Supply Chain Cybersecurity Specialist to join the team in Everett, WA; Arlington, VA;  Auburn, WA; Berkeley, MO; Chicago, IL; Colorado Springs, CO; El Segundo, CA; Englewood, CO; Hazelwood, MO; Houston, TX; Huntington Beach, CA; Huntsville, AL; Jacksonville, FL; Kennedy Space Center, FL; Kent, WA; Long Beach, CA; Mesa, AZ; Miami, FL; North Charleston, SC; Ogden, UT; Oklahoma City, OK; Plano, TX; Portland, OR; Renton, WA; Ridley Park, PA; Saint Charles, MO; San Antonio, TX; Seal Beach, CA; or Tukwila, WA. 

Step into a critical role that safeguards Boeing's assets and operations across our complex global supply chain! We are seeking a key contributor to drive our program’s growth while performing essential Cyber Supply Chain Risk Management (Cyber-SCRM) operational duties. Our program strategically collaborates with Procurement, Contracts, Legal, Enterprise Security, Supply Chain, and Corporate Compliance functions to proactively identify, assess, and mitigate cybersecurity risks throughout the third-party lifecycle.

In this dynamic, high-volume environment, you will play a vital role in current Third-Party Risk Management (TPRM) transformation projects while executing ongoing risk management activities. As a crucial interface, you will effectively communicate complex cybersecurity concepts to both technical and non-technical audiences, including senior management and third-party representatives.

We are looking for a self-driven team player with a deep understanding of cybersecurity principles, risk management frameworks (such as NIST 800-161 and NIST 800-171), and supply chain dynamics. You will exercise sound judgment, operate with significant autonomy, and influence stakeholders, directly contributing to the protection of Boeing's critical assets. This is your chance to actively shape the future of our C-SCRM program, impacting program development and implementation while helping the team transition to sustained operational excellence as the program matures. If you’re ready to make a meaningful impact in a vital area of our business, we want you on our team!

Position Responsibilities:

  • Contribute to the development, documentation, and implementation of the TPRM governance model, strategy, policies, and operating procedures

  • Participate in the configuration and implementation of a Third-Party Risk Management (TPRM) technology platform

  • Assist in designing and implementing an inherent risk assessment methodology, including questionnaire development and risk scoring logic within the TPRM tool

  • Help establish and document processes for validating supplier due diligence information, such as certifications and questionnaires

  • Collaborate on developing requirements and testing plans for integrating the TPRM platform with other internal Boeing systems (Procurement, Contracts, Security systems, etc.)

  • Support the adoption and refinement of AI/automation tools for TPRM tasks like contract review and due diligence assistance

  • Assist in developing communication materials and training for internal stakeholders and suppliers regarding updated TPRM processes and requirements

  • Conduct and evolve comprehensive cybersecurity risk assessments of current and potential suppliers using established methodologies

  • Analyze assessment results, supplier environments, and threat intelligence to identify, prioritize, and document cybersecurity risks and control gaps

  • Develop, negotiate, and track pragmatic risk mitigation and corrective action plans with suppliers

  • Serve as a key cybersecurity subject matter expert during procurement activities (SOWs, RFIs/RFPs/RFS) and contract negotiations, ensuring appropriate cybersecurity clauses are included and enforced

  • Define and communicate cybersecurity control requirements to suppliers based on risk assessments, data sensitivity, service criticality, and regulatory obligations (NIST 800-171, CMMC, etc.)

  • Review and present technical reports and briefings on supplier cybersecurity postures and associated risks to various stakeholders

  • Act as a cybersecurity SME, providing guidance and consultation to internal teams and business partners on supply chain security matters

  • Contribute to the continuous improvement of new TPRM processes, tools, and metrics

This position is hybrid. The selected candidate will be required to perform some work onsite at one of the listed location options. This is at the hiring team’s discretion and could potentially change in the future.

Basic Qualifications (Required Skills/Experience):

  • 3+ years of experience with cybersecurity, information protection and/or risk management

  • 3+ years of experience in working information technology, risk, or compliance

  • 3+ years of experience with managing vendors, contracts, and/or working with supply chain processes or systems

Preferred Qualifications (Desired Skills/Experience):

  • Bachelor's degree or higher in Cybersecurity, Information Technology, Risk Management, Computer Science, or a related field

  • Cybersecurity certifications such as: CTPRP, CTPRA, C3PRM, CRISC, CISSP, CISM, Security+

  • Experience with C-SCRM frameworks, particularly NIST SP 800-161r1

  • Experience working with cybersecurity or risk management frameworks (e.g., NIST CSF, ISO 27001)

  • Experience participating in technology implementation projects, especially GRC/TPRM tools

  • Experience in process design, documentation, and improvement

  • Experience evaluating, implementing, or using GRC platforms and/or specialized TPRM tools

  • Experience with application of regulatory frameworks relevant to aerospace and defense (e.g., NIST SP 800-171, CMMC, DFARS, ITAR)

  • Experience with contract review and negotiation related to cybersecurity requirements

  • Experience with project management principles and practices

  • Experience working and communicating asynchronously with teammates and cross-functional partners

Drug Free Workplace:

Boeing is a Drug Free Workplace where post offer applicants and employees are subject to testing for marijuana, cocaine, opioids, amphetamines, PCP, and alcohol when criteria is met as outlined in our policies.

Pay & Benefits:

At Boeing, we strive to deliver a Total Rewards package that will attract, engage and retain the top talent. Elements of the Total Rewards package include competitive base pay and variable compensation opportunities.  

The Boeing Company also provides eligible employees with an opportunity to enroll in a variety of benefit programs, generally including health insurance, flexible spending accounts, health savings accounts, retirement savings plans, life and disability insurance programs, and a number of programs that provide for both paid and unpaid time away from work.

The specific programs and options available to any given employee may vary depending on eligibility factors such as geographic location, date of hire, and the applicability of collective bargaining agreements.

Pay is based upon candidate experience and qualifications, as well as market and business considerations.

Summary pay range: $107,100 – $167,900

Language Requirements:

Not Applicable

Education:

Not Applicable

Relocation:

Relocation assistance is not a negotiable benefit for this position.

Export Control Requirement:

This position must meet export control compliance requirements. To meet export control compliance requirements, a “U.S. Person” as defined by 22 C.F.R. §120.15 is required. “U.S. Person” includes U.S. Citizen, lawful permanent resident, refugee, or asylee.

Safety Sensitive:

This is not a Safety Sensitive Position.

Security Clearance:

This position requires the ability to obtain a U.S. Security Clearance for which the U.S. Government requires U.S. Citizenship. An interim and/or final U.S. Secret Clearance Post-Start is required.

Visa Sponsorship:

Employer will not sponsor applicants for employment visa status.

Contingent Upon Award Program

This position is not contingent upon program award

Shift:

Shift 1 (United States of America)

Stay safe from recruitment fraud! The only way to apply for a position at Boeing is via our Careers website. Learn how to protect yourself from recruitment fraud - Recruitment Fraud Warning

Boeing is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national origin, gender, sexual orientation, gender identity, age, physical or mental disability, genetic factors, military/veteran status or other characteristics protected by law.

EEO is the law

Boeing EEO Policy

Request an Accommodation

Applicant Privacy


Boeing Participates in E – Verify

Right to Work Statement

Boeing Glassdoor Company Review
3.9 Glassdoor star iconGlassdoor star iconGlassdoor star icon Glassdoor star icon Glassdoor star icon
Boeing DE&I Review
No rating Glassdoor star iconGlassdoor star iconGlassdoor star iconGlassdoor star iconGlassdoor star icon
CEO of Boeing
Boeing CEO photo
David Calhoun
Approve of CEO

Average salary estimate

$137500 / YEARLY (est.)
min
max
$107100K
$167900K

If an employer mentions a salary or salary range on their job, we display it as an "Employer Estimate". If a job has no salary data, Rise displays an estimate if available.

What You Should Know About Senior Supply Chain Cybersecurity Specialist, Boeing

Are you ready to take your cybersecurity career to the next level? Join The Boeing Company as a Senior Supply Chain Cybersecurity Specialist in beautiful Everett, WA! In this pivotal role, you'll be at the forefront of safeguarding our extensive global supply chain while contributing to our Third-Party Risk & Resilience Program Management Office. This position is all about collaboration – you'll partner with teams in Procurement, Contracts, Legal, and Compliance to identify and mitigate cybersecurity risks throughout the third-party lifecycle. Your expertise in Cyber Supply Chain Risk Management (Cyber-SCRM) will be key as you participate in current risk management projects and help drive significant program growth. Expect to be the go-to expert, effectively translating complex cybersecurity concepts to both technical and non-technical stakeholders. If you have strong knowledge of frameworks like NIST 800-161 and a passion for enhancing security strategies, this is the perfect opportunity for you. You'll also have an essential role in developing policies, implementing risk assessments, and managing vendor relationships. With various locations available and the flexibility of a hybrid work model, The Boeing Company offers a dynamic work environment tailored for personal growth and impact. If you're a self-motivated team player ready to influence the future of our cybersecurity initiatives, we want to hear from you!

Frequently Asked Questions (FAQs) for Senior Supply Chain Cybersecurity Specialist Role at Boeing
What are the primary responsibilities of a Senior Supply Chain Cybersecurity Specialist at The Boeing Company?

As a Senior Supply Chain Cybersecurity Specialist at The Boeing Company, your main responsibilities include contributing to the development and documentation of the Third-Party Risk Management (TPRM) governance model and implementing risk assessment methodologies. You'll collaborate with various teams to validate supplier information and assess cybersecurity risks while communicating findings to both technical and non-technical audiences.

Join Rise to see the full answer
What qualifications are required for the Senior Supply Chain Cybersecurity Specialist position at Boeing?

To qualify for the Senior Supply Chain Cybersecurity Specialist role at The Boeing Company, candidates should have at least three years of experience in cybersecurity or risk management, along with experience managing vendors or working with supply chains. Preferred qualifications include a relevant bachelor's degree and certifications such as CISSP or CISM.

Join Rise to see the full answer
How does the Senior Supply Chain Cybersecurity Specialist contribute to program development at The Boeing Company?

In the role of Senior Supply Chain Cybersecurity Specialist, you'll play a crucial part in shaping and enhancing the Cyber Supply Chain Risk Management program at The Boeing Company. You'll assist in policy documentation, implement technology solutions, and continuously improve processes to align with evolving cybersecurity practices.

Join Rise to see the full answer
What tools and frameworks should a Senior Supply Chain Cybersecurity Specialist at Boeing be familiar with?

A Senior Supply Chain Cybersecurity Specialist at The Boeing Company should be well-versed in cybersecurity frameworks such as NIST SP 800-161 and NIST SP 800-171. Familiarity with GRC/TPRM tools and regulatory frameworks related to aerospace and defense is also beneficial for effectively managing supplier risk.

Join Rise to see the full answer
Is prior experience in supply chain processes necessary for the Senior Supply Chain Cybersecurity Specialist role at Boeing?

Yes, prior experience in supply chain processes is highly beneficial for the Senior Supply Chain Cybersecurity Specialist role at The Boeing Company. Candidates will need to understand supply chain dynamics to effectively manage cybersecurity risks and collaborate with procurement and contract teams.

Join Rise to see the full answer
Common Interview Questions for Senior Supply Chain Cybersecurity Specialist
Can you explain your experience with Cyber Supply Chain Risk Management frameworks?

Discuss specific frameworks you have worked with, such as NIST 800-161, and share how you have applied these in your previous roles. Highlight any successful projects where you managed supplier risks and the outcomes.

Join Rise to see the full answer
How do you approach risk assessments for third-party suppliers?

Describe your methodology for conducting risk assessments, including the tools you use, how you gather information from suppliers, and how you analyze risks to develop effective mitigation strategies.

Join Rise to see the full answer
What steps would you take to communicate complex cybersecurity concepts to non-technical stakeholders?

Emphasize your ability to break down technical jargon into easily understood terms. Share examples of past experiences where you successfully communicated critical information to various audiences.

Join Rise to see the full answer
Can you give an example of a challenging supplier negotiation and how you handled it?

Provide a specific example where you faced difficulties during a negotiation. Discuss how you addressed concerns related to cybersecurity, and what strategies you employed to reach a successful agreement.

Join Rise to see the full answer
What is your experience with implementing TPRM technology platforms?

Discuss past experiences where you were involved in the configuration and execution of TPRM tools. Mention specific platforms you have used and the impact they had on improving risk management processes.

Join Rise to see the full answer
How do you prioritize cybersecurity risks when assessing suppliers?

Explain your criteria for prioritizing risks, such as data sensitivity or service criticality. Discuss how you utilize threat intelligence and control gap analyses in your evaluations.

Join Rise to see the full answer
What role does training and communication play in your cybersecurity strategy?

Highlight the importance of educating stakeholders and partners about cybersecurity policies and processes. Share examples of how you've developed training materials or sessions to ensure everyone understands their responsibilities.

Join Rise to see the full answer
How do you stay updated on current threats and changes in cybersecurity regulations?

Discuss the resources you use to stay informed, such as industry publications, webinars, and professional networks. Emphasize your commitment to continuous learning in the cybersecurity landscape.

Join Rise to see the full answer
Describe a situation where you identified a significant cybersecurity risk that others may have overlooked.

Provide a specific example of a risk you identified, how you discovered it, and the impact it had on your organization. Discuss the steps you took to mitigate the risk and any lessons learned from the experience.

Join Rise to see the full answer
What makes you passionate about cybersecurity in the supply chain?

Share your personal motivation for working in cybersecurity, particularly in supply chain contexts. Discuss how you believe effective cybersecurity can enhance business operations and protect critical assets.

Join Rise to see the full answer
Similar Jobs
Photo of the Rise User
Boeing Hybrid USA - Oklahoma City, OK
Posted 6 days ago

Join Boeing as a Senior Structural Analysis Engineer and contribute to the advancement of air vehicle engineering for defense programs.

Photo of the Rise User
Boeing Hybrid US, King County, WA; Washington State, Seattle, WA
Posted 6 days ago

Boeing seeks a Product Security Engineering Senior Manager to lead efforts in delivering secure and resilient commercial airplane products.

Photo of the Rise User
Customer-Centric
Rapid Growth
Diversity of Opinions
Reward & Recognition
Friends Outside of Work
Inclusive & Diverse
Empathetic
Feedback Forward
Work/Life Harmony
Casual Dress Code
Startup Mindset
Collaboration over Competition
Fast-Paced
Growth & Learning
Open Door Policy
Rise from Within
Maternity Leave
Paternity Leave
Flex-Friendly
Family Coverage (Insurance)
Medical Insurance
Dental Insurance
Vision Insurance
Mental Health Resources
Life insurance
Disability Insurance
Health Savings Account (HSA)
Flexible Spending Account (FSA)
401K Matching
Paid Holidays
Paid Sick Days
Paid Time-Off

Seeking a highly skilled Senior DevOps Engineer to lead initiatives in mobile engineering with a focus on CI/CD processes in a fast-paced environment.

Photo of the Rise User

Join OTI as a Director of Custom Application Development and lead innovative projects that impact millions of New Yorkers.

Photo of the Rise User
SOSi Hybrid Fort Belvoir, VA
Posted 5 days ago

Be part of a dedicated team as an IT Database Specialist, enhancing database solutions for our government customer at SOSi.

Posted 4 days ago

Join RMC as a Workstation Technician, where you'll support government environments and manage Windows workstation performance.

Photo of the Rise User
Posted 12 days ago

Be part of Datacom’s acclaimed Cybersecurity Defence Operations Centre as a Solutions Delivery Engineer driving the delivery of innovative cybersecurity solutions.

Photo of the Rise User
IMH Hybrid Intermountain Health Intermountain Medical Center
Posted 5 days ago

Join Intermountain Health as a Student Intern I in the IT department and gain invaluable experience while supporting essential tech functions.

Photo of the Rise User
Posted 12 days ago

Join the Georgia Client’s Office of Information Technology as a Cybersecurity Analyst, where you will enhance the security posture of the organization through monitoring and managing cybersecurity tools.

HSO Remote No location specified
Posted 3 days ago

Join HSO as an IT Support Engineer intern to gain hands-on experience in technical support within a dynamic IT environment.

Photo of the Rise User
Posted 2 months ago
Photo of the Rise User
Inclusive & Diverse
Diversity of Opinions
Work/Life Harmony
Dare to be Different
Reward & Recognition
Empathetic
Take Risks
Growth & Learning
Transparent & Candid
Mission Driven
Passion for Exploration
Feedback Forward
Medical Insurance
Dental Insurance
Vision Insurance
Mental Health Resources
Life insurance
Disability Insurance
Health Savings Account (HSA)
Flexible Spending Account (FSA)
Learning & Development
Paid Time-Off
Maternity Leave
Social Gatherings
Photo of the Rise User
Inclusive & Diverse
Empathetic
Collaboration over Competition
Growth & Learning
Transparent & Candid
Medical Insurance
Dental Insurance
Mental Health Resources
Life insurance
Disability Insurance
Child Care stipend
Employee Resource Groups
Learning & Development
Photo of the Rise User
Inclusive & Diverse
Rise from Within
Mission Driven
Diversity of Opinions
Work/Life Harmony
Transparent & Candid
Growth & Learning
Fast-Paced
Collaboration over Competition
Take Risks
Friends Outside of Work
Passion for Exploration
Customer-Centric
Reward & Recognition
Feedback Forward
Rapid Growth
Medical Insurance
Paid Time-Off
Maternity Leave
Mental Health Resources
Equity
Paternity Leave
Fully Distributed
Flex-Friendly
Some Meals Provided
Snacks
Social Gatherings
Pet Friendly
Company Retreats
Dental Insurance
Life insurance
Health Savings Account (HSA)

The story of our company is woven together from thousands of individual stories of engineers and technicians. Scientists and thinkers. Innovators and dreamers. Equity, diversity and inclusion are crucial to our employees, our stakeholders, and our...

1058 jobs
MATCH
VIEW MATCH
FUNDING
SENIORITY LEVEL REQUIREMENT
TEAM SIZE
EMPLOYMENT TYPE
Full-time, hybrid
DATE POSTED
April 20, 2025

Subscribe to Rise newsletter

Risa star 🔮 Hi, I'm Risa! Your AI
Career Copilot
Want to see a list of jobs tailored to
you, just ask me below!