Risk Management Analyst (Mid-Level or Senior)

About The Position

Requirements

• 3+ years of experience with cybersecurity, information protection, risk management, and/or IT compliance
• 3+ years of experience working with Risk Management Framework (RMF) requirements and implementation
• 3+ years of experience designing, supporting, or executing AI, data, privacy, cybersecurity, or other technology risks assessments and translating findings into practical controls and process improvements
• 3+ years of experience working in risk management, governance, and regulatory requirements related to cybersecurity with a specific focus on business outcomes and service delivery
• 3+ years of experience in a role that required teaming and collaboration skills, and ability to work well with a geographically dispersed cross-functional and matrix team
• 3+ years of experience in a role that required the ability to work both independently and collaboratively

Nice To Haves

• 5+ years of higher education and/or related work experience
• Professional certifications such as CRISC (Certified in Risk and Information Systems Control), CISSP (Certified Information Systems Security Professional), CISA (Certified Information Systems Auditor), or ServiceNow Certified System Administrator / IRM Specialist
• 5+ years in Information Technology or cybersecurity
• 3+ years working extensively with ServiceNow IRM
• Excellent interpersonal and communication skills to collaborate effectively with cross-functional teams including cybersecurity, GRC, audit, IT, and business stakeholders
• Experience with AI-driven risk management tools or automation platforms
• Proactive, innovative mindset with a willingness to leverage AI and automation tools for risk management
• Experience with advanced data analysis skills, including proficiency with data visualization tools (e.g., Power BI, Tableau, ServiceNow dashboards)

Responsibilities

• Identify and maintain risks in alignment with Boeing’s risk taxonomy, continuously monitoring and managing risk exposure
• Perform risk assessments by collaborating with first line of defense (1LOD) stakeholders to conduct and document risk evaluations; validate entries, mitigation status, and data integrity
• Develop and execute risk response plans by working with 1LOD to document response steps and track progress according to established guidance
• Support risk reporting by coordinating with second line of defense (2LOD) and 1LOD to maintain current dashboards, metrics, and leadership reports
• Perform risk trend analysis to identify patterns and emerging risk areas through data analytics
• Facilitate risk management process improvements and collaborate with the platform team by providing detailed requirements to enhance the ServiceNow IRM workflows and dashboards
• Develop and maintain risk registers, dashboards, and reports to provide actionable insights to stakeholders
• Collaborate with business units to ensure risk policies and procedures are effectively implemented
• Support internal and external audits by providing risk data and documentation
• Monitor emerging risks and regulatory changes to update risk frameworks accordingly
• Enhance risk tooling and process efficiency by supporting workflow optimization and documentation of product processes
• Participate in cross-functional risk and compliance projects, partnering closely with cybersecurity, Governance Risk and Compliance (GRC), audit, Information Technology (IT), and business stakeholders to drive platform consistency, automation, and continuous improvement

Benefits

• health insurance
• flexible spending accounts
• health savings accounts
• retirement savings plans
• life and disability insurance programs
• paid and unpaid time away from work