Senior Governance, Risk, and Compliance (GRC) Process Analyst
Company:
The Boeing Company
Boeing is seeking a detail-oriented and analytical **Senior ****Governance, Risk, and Compliance (**GRC) Process Analyst to support governance, risk, and compliance initiatives for Infrastructure team at our Mesa, AZ; Dallas, TX; Colorado Springs, CO; Fort Walton Beach, FL; Jacksonville, FL; Miami, FL; North Charleston, SC; Ridley Park, PA; Portland, OR; Salt Lake City, UT; San Antonio, TX; Seal Beach, CA; Seattle, WA; or Berkeley, MO.
The ideal candidate will have experience in SOX compliance, vulnerability management coordination, risk assessments, security controls validation, and corporate/internal audit support.
This role will partner with Information Security, IT&O, Internal Audit, Compliance, SOX, External Audit, and Business stakeholders to ensure compliance with regulatory requirements, strengthen security posture, and maintain effective internal controls.
Position Responsibilities:
- Support the organization’s GRC framework, policies, standards, and procedures
- Conduct risk assessments and maintain enterprise risk registers.
- Identify, assess, and track remediation of technology and cybersecurity risks
- Assist in third-party/vendor risk assessments and compliance reviews
- Monitor compliance with internal policies and regulatory requirements
- Support ITGC (IT General Controls) and SOX compliance activities
- Coordinate control testing, evidence collection, and remediation tracking
- Work with control owners to ensure Design effectiveness and operational effectiveness of SOX controls
- Assist during external and internal SOX audits
- Maintain documentation for SOX controls, narratives, and process flows
- Coordinate vulnerability management activities with infrastructure teams
- Track remediation of identified vulnerabilities and security findings.
- Support periodic access reviews and security compliance assessments
- Act as liaison between IT/Security teams and Internal/External Auditors
- Prepare audit evidence and coordinate audit requests.
- Track audit findings and remediation plans through closure
- Assist with audit readiness initiatives and continuous monitoring activities
- Develop dashboards, metrics, and compliance reports for management
- Maintain accurate documentation for risks, controls, findings, and remediation efforts
- Support policy and procedure reviews and updates
- Support automation for SOX controls by identifying the scope and recommend all possible options for automation
- Directs activities to define, deploy, evaluate and support common computing standards, IT processes, tools and process/performance metrics
- Leads activities to define plans to support common standards and processes. Identifies qualitative and quantitative improvement measures
- Advises on the selection of key parameters and standards to monitor progress. Leads the definition, development and deployment of common process requirements and infrastructure products and services
- Directs activities to educate and promote use of Boeing IT common processes, methodologies, products and services.
- Leads, consults and coaches in common processes for software development and maintenance
- Leads the review and evaluation of new technology for software process impact. Supports and integrates architecture mapping to common processes
Basic Qualifications (Required skills/experience):
- 5+ years of experience in Governance, Risk, and Compliance (GRC), Information Technology (IT) Audit, Information Security, vulnerability management, and Compliance
- 5+ SOX ITGC, Security Controls, Vulnerability Management processes, Audit lifecycle and compliance practices
- 3+ Experience with Governance, Risk, and Compliance (GRC) tools such as ServiceNow GRC, Audit Board, and CAIRO
- 3+ years with infrastructure experience including network, database, operating systems, IAM, change management, and periodic reconciliations
- 3+ years of industry security standards experience, such as NIST, ISO 27001, COBIT, and OWASP
- 3+ years in risk management
- 3+ years in root cause corrective analysis
- 5+ years of managing multiple competing priorities
- 5+ years of experience in consulting or in a strategic role that influences the business
- Must have excellent communication and presentation skills
Preferred Qualification (Desired skills/experience):
- 10 or more years’ related work experience or an equivalent combination of education and experience
- 10+ years of experience in GRC, IT Audit, Information Security, vulnerability management, and Compliance
- 10+ SOX ITGC, Risk Management methodologies, Security Controls, Vulnerability Management processes, Audit lifecycle and compliance practices
- 5+ Experience with GRC tools such as ServiceNow GRC, Audit Board, and CAIRO
- 10+ years hands on experience with Governance, Risk, and Compliance (GRC) experience
- 5+ years with infrastructure experience including network, database, operating systems, IAM, change management, and periodic reconciliations
- 5+ years of industry security standards experience, such as NIST, ISO 27001, COBIT, and OWASP
- 5+ years in risk management
- 5+ years in root cause corrective analysis
Conflict of Interest:
Successful candidates for this job must satisfy the Company’s Conflict of Interest (COI) assessment process.
Drug Free Workplace:
Boeing is a Drug Free Workplace where post offer applicants and employees are subject to testing for marijuana, cocaine, opioids, amphetamines, PCP, and alcohol when criteria is met as outlined in our policies_._
Pay & Benefits:
At Boeing, we strive to deliver a Total Rewards package that will attract, engage and retain the top talent. Elements of the Total Rewards package include competitive base pay and variable compensation opportunities.
The Boeing Company also provides eligible employees with an opportunity to enroll in a variety of benefit programs, generally including health insurance, flexible spending accounts, health savings accounts, retirement savings plans, life and disability insurance programs, and a number of programs that provide for both paid and unpaid time away from work.
The specific programs and options available to any given employee may vary depending on eligibility factors such as geographic location, date of hire, and the applicability of collective bargaining agreements.
Pay is based upon candidate experience and qualifications, as well as market and business considerations.
Summary pay range:
Sr Level 4: $117,900 - $160,000
Sr. Level 5: $146,700 - $198,000
Language Requirements:
Not Applicable
Education:
Not Applicable
Relocation:
Relocation assistance is not a negotiable benefit for this position.
Export Control Requirement:
This position must meet U.S. export control compliance requirements. To meet U.S. export control compliance requirements, a “U.S. Person” as defined by 22 C.F.R. §120.62 is required. “U.S. Person” includes U.S. Citizen, U.S. National, lawful permanent resident, refugee, or asylee.
Safety Sensitive:
This is not a Safety Sensitive Position.
Security Clearance:
This position does not require a Security Clearance.
Visa Sponsorship:
Employer will not sponsor applicants for employment visa status.
Contingent Upon Award Program
This position is not contingent upon program award
Shift:
Shift 1 (United States of America)
Stay safe from recruitment fraud! The only way to apply for a position at Boeing is via our Careers website. Learn how to protect yourself from recruitment fraud - Recruitment Fraud Warning
Boeing is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national origin, gender, sexual orientation, gender identity, age, physical or mental disability, genetic factors, military/veteran status or other characteristics protected by law.
EEO is the law
Boeing EEO Policy
Request an Accommodation
Applicant Privacy
Boeing Participates in E – Verify
- E-Verify (English)
- E-Verify (Spanish)
**Right to Work Statement **
- Right to Work (English)
- Right to Work (Spanish)