Third Party Risk and Resilience (TPRR) Governance Manager

Company:

Boeing is seeking a hands-on and outcome driven Third Party Risk and Resilience (TPRR) Governance Manager to lead the Global Data Inventory (GDI) and the enterprise governance and operating model for Third-Party Risk and Resilience in Mesa AZ; Arlington VA; Everett WA; Hazelwood MO; North Charleston SC; Plano TX; or Ridley Park PA.

This leader will coordinate with the Information Digital Technology & Security (IDT&S) Quick Reference Card (QRC) to establish clear policy standards and control criteria; publish and maintain command media; manage the Cyber Supply Chain Risk Management (CSCRM) Strategy & Implementation Plan (SIP); and drive integration of TPRR requirements into business processes and systems across the third-party lifecycle (onboarding ongoing monitoring issue management and offboarding).

The successful candidate will partner closely with Product Security the Defense Federal Acquisition Regulation Supplement (DFARS) Cybersecurity Program Management Office Corporate Compliance Procurement Purchasing Organizations and the TPRR Technology Assessments and Operations pillar to ensure that TPRR design translates into operational excellence measurable outcomes and sustained compliance (e.g. NIST SP 800171/161 SR family of controls). This role directly supports addressal of Sentinel cybersecurity gaps audit readiness and risk transparency for leadership.

Position Responsibilities:

• Mature the TPRR governance and operating model including policy standards procedures and control criteria (SR family SP5 updates certificationbased assurance)

• Publish and maintain TPRR command media and critical documentation; ensure traceability to regulatory contractual and internal control requirements

• Lead the development and maintenance of our CSCRM Strategy & Implementation Plan (SIP) including update cadence

• Define and maintain enterprise assessment criteria scoring models control requirements and risk decisioning thresholds to support consistent defensible outcomes

• Govern integration design across the TPRR lifecycle (e.g. Cybersecurity Maturity Model Certification (CMMC) ingestion Product Security FitForUse (FFU) Operational Technology (OT) BitSight signal use Quick Reference Card (QRC) alignment TACOS/issue management interfaces)

• Partner with TPRR Technology & Assessment Operations to operationalize controls and requirements in Aravo; actively participate in the Aravo Change Board to prioritize configuration and ensure policy alignment

• Oversee alignment to Sentinel gaps AuditBoard risk and control management internal/external audit readiness track remediation and report progress to leadership

• Establish TPRR metrics and Key Performance Indications (KPIs) in partnership with TPRR Technology & Assessment Operations team and TPRR Project Management Office; ensure measures drive risk reduction Service Level Agreements (SLA) adherence and quality of outcomes

• Provide executive-ready communications leadership updates and decision support (e.g. operating rhythm SubCouncil materials roadmap revisions)

• Drive change management training command media and desktop references/job aids for enterprise stakeholders adopting TPRR requirements

• Lead a high-performing team of TPRR governance design and integration professionals; build talent foster collaboration and promote a culture of accountability and continuous improvement

BasicQualifications (Required Skills/Experience):

• 3 years in third-party risk management cyber risk governance assurance or related risk/compliance roles including experience designing policies standards and control frameworks

• Experience with NIST SP 800171/161 and enterprise thirdparty risk control families; familiarity with DFARS/DoD cyber ecosystem and certificationbased assurance approaches

• Experience with governing technology/process integrations across complex programs (e.g. assessment workflows issue management)

• Experience partnering with product/engineering teams

• Experience with strong communication skills and a record of driving crossfunctional alignment and change at scale

• Ability to translate policy and controls into operational requirements contract terms metrics and tooling backlogs

Preferred Qualifications (Desired Skills/Experience):

• Bachelors degree in information security IT Risk Management Business or related field

• Masters degree

• Certifications such as CISM CRISC CISSP CISA CBCP CGEIT CTPRP/CTPRA and/or PMP

• Experience with Aravo (or similar TPRM platforms) BitSight or equivalent external risk data QRC/TACOS or issue/quality management systems and AuditBoard

• Experience with advanced analytics and dashboarding (e.g. Power BI) for control effectiveness SLA and lifecycle reporting

• Experience leading governance councils command media programs and/or large-scale risk transformation initiatives

Drug Free Workplace:

Boeingis a Drug Free Workplace where post offer applicants and employees are subject to testing for marijuana cocaine opioids amphetamines PCP and alcohol when criteria is met as outlined in our policies.

Pay & Benefits:

At Boeing we strive to deliver a Total Rewards package that will attract engage and retain the top talent. Elements of the Total Rewards package include competitive base pay and variable compensation opportunities.

The Boeing Company also provides eligible employees with an opportunity to enroll in a variety of benefit programs generally including health insurance flexible spending accounts health savings accounts retirement savings plans life and disability insurance programs and a number of programs that provide for both paid and unpaid time away from work.

The specific programs and options available to any given employee may vary depending on eligibility factors such as geographic location date of hire and the applicability of collective bargaining agreements.

Pay is based upon candidate experience and qualifications as well as market and business considerations.

Summary pay range: $140250 - $203550

Language Requirements:

Education:

Relocation:

Export Control Requirement:

Safety Sensitive:

Security Clearance:

Visa Sponsorship:

Contingent Upon Award Program

Shift:

Stay safe from recruitment fraud! The only way to apply for a position at Boeing is via our Careers website. Learn how to protect yourself from recruitment fraud - Recruitment Fraud Warning