×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Data Security

Third Party Risk and Resilience; TPRR Governance Manager

Job in Mesa, Maricopa County, Arizona, 85201, USA
Listing for: The Boeing Company
Full Time position
Listed on 2026-01-09
Job specializations:
  • IT/Tech
    Cybersecurity, Data Security
Job Description & How to Apply Below
Position: Third Party Risk and Resilience (TPRR) Governance Manager

Job Description

At Boeing, we innovate and collaborate to make the world a better place. We’re committed to fostering an environment for every teammate that’s welcoming, respectful and inclusive, with great opportunity for professional growth. Find your future with us.

Overview

Boeing is seeking a hands-on and outcome driven Third Party Risk and Resilience (TPRR) Governance Manager to lead the Global Data Inventory (GDI) and the enterprise governance and operating model for Third-Party Risk and Resilience in Mesa, AZ;
Arlington, VA;
Everett, WA;
Hazelwood, MO;
North Charleston, SC;
Plano, TX; or Ridley Park, PA.

This leader will coordinate with the Information Digital Technology & Security (IDT&S) Quick Reference Card (QRC) to establish clear policy, standards, and control criteria; publish and maintain command media; manage the Cyber Supply Chain Risk Management (C‑SCRM) Strategy & Implementation Plan (SIP); and drive integration of TPRR requirements into business processes and systems across the third-party lifecycle (onboarding, ongoing monitoring, issue management, and offboarding).

The successful candidate will partner closely with Product Security, the Defense Federal Acquisition Regulation Supplement (DFARS) Cybersecurity Program Management Office, Corporate Compliance, Procurement, Purchasing Organizations, and the TPRR Technology, Assessments, and Operations pillar to ensure that TPRR design translates into operational excellence, measurable outcomes, and sustained compliance (e.g., NIST SP 800‑171/161, SR family of controls). This role directly supports addressal of Sentinel cybersecurity gaps, audit readiness, and risk transparency for leadership.

Position

Responsibilities
  • Mature the TPRR governance and operating model, including policy, standards, procedures, and control criteria (SR family, SP5 updates, certification‑based assurance)
  • Publish and maintain TPRR command media and critical documentation; ensure traceability to regulatory, contractual, and internal control requirements
  • Lead the development and maintenance of our C‑SCRM Strategy & Implementation Plan (SIP), including update cadence
  • Define and maintain enterprise assessment criteria, scoring models, control requirements, and risk decisioning thresholds to support consistent, defensible outcomes
  • Govern integration design across the TPRR lifecycle (e.g., Cybersecurity Maturity Model Certification (CMMC) ingestion, Product Security, FFU, OT, Bit Sight signal use, QRC alignment, TACOS/issue management interfaces)
  • Partner with TPRR Technology & Assessment Operations to operationalize controls and requirements in Aravo; actively participate in the Aravo Change Board to prioritize configuration and ensure policy alignment
  • Oversee alignment to Sentinel gaps, Audit Board risk and control management, internal/external audit readiness, track remediation and report progress to leadership
  • Establish TPRR metrics and Key Performance Indicators (KPIs) in partnership with TPRR Technology & Assessment Operations team and TPRR Project Management Office; ensure measures drive risk reduction, SLA adherence, and quality of outcomes
  • Provide executive-ready communications, leadership updates, and decision support (e.g., operating rhythm, Sub‑Council materials, roadmap revisions)
  • Drive change management, training, command media, and desktop references/job aids for enterprise stakeholders adopting TPRR requirements
  • Lead a high-performing team of TPRR governance, design, and integration professionals; build talent, foster collaboration, and promote a culture of accountability and continuous improvement
Basic Qualifications (Required Skills/Experience)
  • 3+ years in third-party risk management, cyber risk governance, assurance, or related risk/compliance roles, including experience designing policies, standards, and control frameworks
  • Experience with NIST SP 800‑171/161 and enterprise third‑party risk control families; familiarity with DFARS/DoD cyber ecosystem and certification‑based assurance approaches
  • Experience with governing technology/process integrations across complex programs (e.g., assessment workflows, issue management)
  • Experience partnering with…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search