At Boeing, we innovate and collaborate to make the world a better place. We’re committed to fostering an environment for every teammate that’s welcoming, respectful and inclusive, with great opportunity for professional growth. Find your future with us.
The Boeing Company’s Enterprise Security organization is currently seeking a Vulnerability Management Senior Manager to join the team in Hazelwood, MO; Mesa, AZ; North Charleston, SC; or Seattle, WA.
The Vulnerability Management Senior Manager will lead and expand our global vulnerability management program. This role will focus on identifying, evaluating, and mitigating vulnerabilities across The Boeing Companys complex hybrid technology landscape, ensuring our security posture is robust, compliant, and aligned with both regulatory and business needs.
The selected candidate will lead the development and execution of vulnerability management strategies and partner closely with Global Trade Controls, Cybersecurity, IT infrastructure, and application teams. This role is a critical enabler of The Boeing Companys overall risk reduction efforts, especially regarding protecting Export Controlled and other sensitive data assets.
The ideal candidate possesses a wealth of experience and leadership in vulnerability management, leadership finesse to build enduring strategic partnerships, along with the ability to handle high-pressure situations having executive and board-of-directors-level visibility.
Position Responsibilities:
Lead the end-to-end Vulnerability Management lifecycle, including discovery, assessment, prioritization, remediation coordination, and reporting
Develop and maintain policies, standards, and processes for vulnerability detection, risk classification, and remediation
Build and manage metrics-driven dashboards and reports to convey vulnerability risk posture to technical and executive stakeholders
Direct tactical and strategic vulnerability management automation efforts to meet the increasingly fast-paced and ever-evolving vulnerability and threat landscape
Partner with Global Trade Controls, Cloud, and strategic partners to ensure all regulated systems meet compliance and security standards
Collaborate across IT and business functions to drive timely remediation of high-risk vulnerabilities, ensuring minimal business disruption
Direct team efforts to continuously scan and assess vulnerabilities across endpoints, servers, cloud workloads, and network infrastructure
Stay informed on emerging threats, zero-days, and best practices in vulnerability and patch management
Evaluate and manage external vendors delivering vulnerability and risk management solutions, ensuring alignment with SLAs
Manage audits, assessments, and incident response activities as they relate to identified vulnerabilities or patching deficiencies
Inspire and develop a high-performing team of cybersecurity professionals and foster a culture of accountability and continuous improvement
Ensure the program aligns with The Boeing Company’s enterprise risk management framework and regulatory requirements (e.g., ITAR, NIST 800-53, ISO 27001)
Drive automation and orchestration initiatives for vulnerability detection and response workflows
Basic Qualifications (Required Skills/Experience):
Bachelor’s degree or higher
5+ years of experience in leading technical teams
5+ years of experience in vulnerability management, risk assessment, and/or security analytics
3+ years of experience with Information Technology architecture including cloud and data architecture in a large-scale, hybrid cloud and on-prem environment
1+ years of experience working with the U.S. Export Administration Regulations (EAR) and/or U.S. International Traffic in Arms Regulations (ITAR)
Experience with performing vulnerability scans using RAPID7 or Nessus
Preferred Qualifications (Desired Skills/Experience):
Master’s degree in Cybersecurity, Business, or related technical field
Experience working with IT service management frameworks (ITIL) and vulnerability management standards (e.g., CVSS, NVD, CIS Benchspans)
Experience in security frameworks such as NIST CSF, ISO 27001, or CMMC
Experience influencing stakeholders and executives through concise communication and risk-based prioritization
Experience integrating vulnerability data with SIEM, GRC, or risk management platforms
Drug Free Workplace:
Boeing is a Drug Free Workplace where post offer applicants and employees are subject to testing for marijuana, cocaine, opioids, amphetamines, PCP, and alcohol when criteria is met as outlined in our policies.
Pay & Benefits:
At Boeing, we strive to deliver a Total Rewards package that will attract, engage and retain the top talent. Elements of the Total Rewards package include competitive base pay and variable compensation opportunities.
The Boeing Company also provides eligible employees with an opportunity to enroll in a variety of benefit programs, generally including health insurance, flexible spending accounts, health savings accounts, retirement savings plans, life and disability insurance programs, and a number of programs that provide for both paid and unpaid time away from work.
The specific programs and options available to any given employee may vary depending on eligibility factors such as geographic location, date of hire, and the applicability of collective bargaining agreements.
Pay is based upon candidate experience and qualifications, as well as spanet and business considerations.
Summary pay range: $151,300 – $218,500
Applications for this position will be accepted until Jun. 20, 2025
Export Control Requirements: This is not an Export Control position.
Education
Bachelors Degree or Equivalent Required
Relocation
Relocation assistance is not a negotiable benefit for this position.
Visa Sponsorship
Employer will not sponsor applicants for employment visa status.
Shift
This position is for 1st shift
Equal Opportunity Employer:
Boeing is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national origin, gender, sexual orientation, gender identity, age, physical or mental disability, genetic factors, military/veteran status or other characteristics protected by law.
