Governance, Risk Compliance; GRC Analyst; Senior or Lead

Position: Governance, Risk, & Compliance (GRC) Analyst (Senior or Lead)
Job Description

At Boeing, we innovate and collaborate to make the world a better place. We're committed to fostering an environment for every teammate that's welcoming, respectful and inclusive, with great opportunity for professional growth. Find your future with us.

Boeing currently has an opening for a Governance, Risk, & Compliance (GRC) Analyst (Senior or Lead) that will play a key role in developing and maintaining enterprise policies, standards, control frameworks, implementation procedures and control applicability mappings across applications, infrastructure, cloud environments, databases, shared resources, and information systems. The hybrid position is located in Seattle, WA but will consider candidates in Arlington, VA;
Berkeley, MO;
Charleston, SC;
Chicago, IL;
El Segundo, CA;
Englewood, CO;
Everett, WA;
Kent, WA;
Mesa, AZ;
Plano, TX;
Ridley Park, PA;
San Francisco, CA, or Seal Beach, CA.

The ideal candidate possesses a strong blend of cybersecurity governance expertise, broad technical understanding, regulatory interpretation capabilities, and enterprise control framework experience.

Position Responsibilities:

* Lead the development, maintenance, and continuous improvement of enterprise policies, standards, controls, and implementation procedures

* Translate regulatory, contractual, and cybersecurity requirements into actionable governance and control requirements

* Design, maintain, and optimize the enterprise control framework, including control rationalization, consolidation, and framework alignment activities

* Partner with cybersecurity, infrastructure, engineering, cloud, application, data governance, privacy, and compliance teams to ensure governance requirements are practical, feasible, and align with business and operational needs

* Provide subject matter expertise related to control intent, implementation expectations, regulatory interpretation, and governance best practices

* Support governance modernization initiatives, Service Now IRM policy management, and control automation efforts to improve scalability, consistency, and efficiency

* Develop and support control policies and strategies, prepare governance reporting, and communicate program status, priorities, and progress to stakeholders and leadership

Basic Qualifications (Required Skills/Experience):

* 5+ years of experience in in Governance, Risk and Compliance (GRC), Information Technology (IT) Audit, Information Security, Vulnerability Management, and Compliance

* 5+ years experience supporting enterprise technology environments including applications, infrastructure, cloud services, databases, networks, or identity and access management platforms

* 3+ years experience writing enterprise policies, standards, controls and implementation procedures

* 3+ years of experience leading governance transformation or enterprise control framework initiatives

* Strong understanding of how enterprise technologies are deployed, operated, administered, and secured across different environments

* Experience collaborating directly with engineering, infrastructure, cloud, application, or operations teams to develop practical and technically feasible implementation procedures

* 3+ years of experience in cybersecurity and regulatory frameworks including NIST 800-53, NIST 800-171, CMMC, ISO, GDPR, ITAR or similar frameworks

* Experience mapping controls to enterprise technology assets and environments

Preferred qualifications (Desired Skills/Experience):

* 10 or more years of higher education and/or related work experience (Higher education includes college, university, technical school, licensing/certification programs, etc.)

* Bachelor's degree in Cybersecurity, information Technology, Risk Management, Computer Science, or related field

* Experience partnering with Legal, Privacy, Compliance, Internal Audit, or Regulatory Affairs teams to interpret and implement compliance obligations

* Ability to lead cross-functional governance discussions with both technical and non-technical stakeholders

* Experience with Service Now IRM or enterprise GRC platforms

* Familiarity with CMDB, enterprise asset inventoried, and configuration concepts

* Experience supporting control rationalization initiatives

* Experience supporting highly regulated industries

* Professional certifications such as CISSP, CGRC, CISA, CRISC

Conflict of Interest:

Successful candidates for this job must satisfy the Company's Conflict of Interest (COI) assessment process.

Drug Free Workplace:

Boeing is a Drug Free Workplace where post offer applicants and employees are subject to testing for marijuana, cocaine, opioids, amphetamines, PCP, and alcohol when criteria is met as outlined in our policies.

Pay & Benefits:

At Boeing, we strive to deliver a Total Rewards package that will attract, engage and retain the top talent. Elements of the Total Rewards package include competitive base pay and variable compensation opportunities.

The Boeing Company also provides eligible employees with an opportunity to enroll in a…