Senior Product Security Compliance Analyst
Vacancy expired!
Job DescriptionAt Boeing, we innovate and collaborate to make the world a better place. From the seabed to outer space, you can contribute to work that matters with a company where diversity, equity and inclusion are shared values. We're committed to fostering an environment for every teammate that's welcoming, respectful and inclusive, with great opportunity for professional growth. Find your future with us.The Boeing Company is seeking a Senior Product Security Compliance Analyst to collaborate with a team of IT and engineering to attain and maintain information system security compliance in accordance with DFARS / NIST SP 800-171. Product Security Engineering is supporting the Boeing Enterprise DevSecOps transformation across our business units by securing software engineering environments and factories, supporting the transition from on premise infrastructure to the cloud, and defining security practices and policies to integrate with development and operations of products and services.Boeing offers a comprehensive benefits package including generous Paid Time Off (PTO), flexible work environment , paid parental leave, 401k matching, very generous tuition assistance for earning advanced degrees, and paid medical leave programs. For more information, click here. Position Responsibilities:
- Communicate security requirements, perform analyses, and author documentation.
- Maintain System Security Plan (SSP) for Software Factories.
- Manage Plans of Action and Milestones (PoAMs) for non-compliance; track and support solution planning and implementation.
- Author, review, and maintain approval for SDTE policies and processes to support security compliance.
- Work within a SAFe Agile methodology of planning and managing statement of work.
- At least 5 years of Risk Management Framework (RMF) or DFARS NIST 800-171 Compliance experience
- 5 or more years' experience with Systems Security Plan (SSP), Security Controls Traceability Matrix (SCTM) and supporting compliance documents such as Access Control Plan (ACP)
- At least 5 years of Plan of Action and Milestones (POAM) writing, tracking, and management experience
- Working knowledge and experience in with AWS
- Experience with Splunk is desired
- Experience with Vulnerability Management
- Possess CISSP or Security+ Certification
Vacancy expired!