Senior Security Threat Assessment and Management Specialist at Boeing overseeing threat management and security operations. Collaborating with various departments to ensure safety protocols and incident management.
About the role
- Security Compliance Engineer leading security compliance and audit activities for SaaS cybersecurity products. Collaborating across teams to ensure effective compliance and continuous improvement.
Responsibilities
- Translate ESG business objectives into actionable GRC strategies, leveraging deep product and team process understanding to create clear compliance strategies.
- Facilitate and complete all product certification activities, including financial stewardship and contract reviews as needed.
- Achieve and maintain certifications, proactively identifying and mitigating risks for continuous compliance.
- Support the ESG Product Security (ProdSec) team in security compliance activities (risk assessment, secure software development), providing expert guidance to enhance overall security posture.
- Author and maintain required certification documents.
- Communicate and translate certification requirements (ISO, SSAE 18, NIST, etc.) to engineering teams, providing expert guidance.
- Maintain current understanding of regulations; interpret and communicate changes and their implications to stakeholders.
- Track milestones, proactively manage risks, and drive solutions to completion.
- Drive completion of any customer supplier risk requests by leveraging existing information and resources.
- Monitor schedule deviations and develop corrective actions.
- Coordinate cross-timezone team activities, including occasional off-hours interaction.
- Lead the identification, evaluation, and implementation of automation tools and processes for security compliance activities, including evidence collection, control validation, and reporting.
- Develop and implement technical strategies for efficient and accurate evidence gathering, ensuring data integrity and audit readiness.
- Collaborate with engineering, ProdSec, and InfoSec teams to integrate security compliance requirements into CI/CD pipelines and automated testing frameworks.
- Identify opportunities for proactive risk identification and mitigation strategies across product lines, influencing product development and operational practices.
- Exercise good judgment in achieving compliance objectives and resolving audit findings.
- Independently manage and prioritize multiple security compliance projects, providing regular updates and data presentations to stakeholders.
Requirements
- Bachelor's degree and 8+ years of progressive experience in security compliance, audit, or program management, with a strong emphasis on cybersecurity products.
- Self-starter with Driver personality.
- Cybersecurity background, particularly cloud security.
- Proven experience project managing security compliance audit or certification projects.
- Ability to quickly grasp complex technical concepts and make them easily understandable.
- Ownership of delivery for planned, high-risk, and complicated projects.
- Driving projects from conception (planning) to completion (release).
- Ability to parse compliance language and translate into layman's terms.
- Coordinating audit activities, including evidence gathering and redaction.
- Demonstrated experience with scripting languages (e.g., Python, PowerShell) for automation of GRC processes (such as evidence gathering).
- Demonstrated ability to work autonomously and manage multiple priorities effectively in a fast-paced environment.
Benefits
- Medical, dental and vision plans
- 401(K) participation including company matching
- Employee Stock Purchase Program (ESPP)
- Employee Assistance Program (EAP)
- company paid holidays
- paid sick leave and vacation time
- Paid Family Leave and other leaves of absence.
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Boeing Cybersecurity is seeking an ISSO to manage information system security across classified domains. Responsibilities include leading risk assessments, A&A processes, and compliance monitoring.
Safety Technician managing all safety operations on vessels for Norsul. Ensuring compliance with safety protocols and conducting training for crew members.
Senior Identity Security Engineer optimizing identity verification and access management solutions at S&P Global. Collaborating with cross - functional teams to enhance security infrastructure and automate identity processes.
Senior Security Researcher at CrowdStrike conducting cloud and Linux security research. Analyzing threats and developing advanced security models to protect cloud environments.
Cyber Security Analyst Senior at GDIT focusing on 24/7 monitoring and threat intelligence analysis. Integral in safeguarding government systems and anticipating future threats.
Senior Information Security Analyst responsible for protecting Omni's technology environment. Focus areas: Monitoring, Defense, Operations across on - premises, cloud, and endpoints.
Alternate Information System Security Officer overseeing security compliance for classified information systems. Evaluating security solutions and assisting in system security documentation and procedures.
IT - Systemadministrator managing physical security systems and multimedia solutions. Administration, support, and project involvement in multimedia and surveillance technologies in Roding.
Security Officer performing patrols, emergency response, and customer service at Climax Molybdenum. Managing site security and assisting with emergency situations at various locations.