Cybersecurity Controlled Unclassified Information (CUI) Compliance Operations Senior Manager

About The Position

Requirements

• Successfully completed a Tier 5 Investigation (T5), formerly known as a Single Scope Background Investigation (SSBI) by the federal government within the last 5 years, or been enrolled in a Continuous Vetting program within the last 5 years
• 10+ years of experience in information security, compliance, or project management implementing and maintaining NIST SP 800-171 or similar NIST compliant environments
• Experience in business and/or organizational change management
• Experience developing and managing road maps, budgets, timelines, and stakeholder metrics
• Experience in CMMC, DFARS, and DoD contractor environments
• Experience with IAM tools, logging/monitoring, and encryption

Nice To Haves

• Currently hold IAM Level 1 DoD 8140.01 (previously 8570.01) compliant certification (i.e. CAP, GSLC, Security+ CE, CISSP, CASP, CISM, GSLC)
• Experience in utilizing security relevant tools, systems, and applications in support of Risk Management Framework (RMF) to include: NESSUS, ACAS, DISA STIGs, SCAP, Audit Reduction, and HBSS
• Experience with project management in a leadership capacity
• Experience developing and managing strong relationships with partners (internal & external) and government customers and representatives
• Experience working with a Government Agency in a compliance capacity

Responsibilities

• Lead a team of ISSMs and ISSOs responsible for preparing and maintaining documentation required for CMMC certification and audits (e.g., System Security Plans) and to perform and review technical security assessments
• Lead and maintain the enterprise operations of CUI compliance to ensure protection, handling, and dissemination of CUI per applicable laws, regulations, and NIST guidance (including NIST SP 800-171)
• Implement, and maintain CMMC compliance strategies and policies to ensure research, development, and operational activities meet CMMC standards
• Collaborate with stakeholders across business units, IT, legal, and DFARS Cyber PMO to define objectives, success metrics, and risk mitigation strategies
• Work with external assessors and security representatives to facilitate CMMC assessments and certifications; manage assessor engagement and remediation tracking
• Conduct periodic compliance assessments and audits (self and third-party); track remediations and verify closure
• Monitor regulatory changes, CMMC updates, DoD and federal guidance, and technology developments; advise leadership on strategy adjustments
• Prepare and deliver regular reports and briefings to senior leadership and stakeholders on program status, risks, metrics, roadmaps, and planned actions

Benefits

• Elements of the Total Rewards package include competitive base pay and variable compensation opportunities.
• The Boeing Company also provides eligible employees with an opportunity to enroll in a variety of benefit programs, generally including health insurance, flexible spending accounts, health savings accounts, retirement savings plans, life and disability insurance programs, and a number of programs that provide for both paid and unpaid time away from work.