Build Your Career in Cybersecurity -
YOUR WAY

Summary Information About the Role

Amazon Prime Air InfoSec is looking for a skilled, experienced TPM to focus on our applications, systems, and infrastructure security. You are obsessed with customer trust. You have hands-on project management skills, breadth and depth of security knowledge, and excellent leadership skills.

​

You will be responsible for collecting business and system requirements from our customers, writing specifications, driving project schedules from design to release, and managing the production launch. You work with groups throughout Amazon Prime Air to help them integrate security at all levels of their projects. You will work to help other teams create solutions while developing strong security culture and practices. You proactively and continually improve your level of knowledge about Amazon’s business, information security, and relevant technologies.

​

We’re working on the future. If you are seeking an iterative fast-paced environment where you can drive innovation, apply state-of-the-art technologies to solve large-scale real world delivery challenges, and provide visible benefit to end-users, this is your opportunity. Come work on the Amazon Prime Air InfoSec Team!

• Interact with Stakeholders, Technical Program Managers and multiple Development Teams to define and deliver complex solutions
• Lead the effective and efficient delivery of the large, complex projects
• Anticipate bottlenecks, provide escalation management, anticipate and make trade-offs, and balance the business needs versus technical constraints
• Maximize resources for the greater good of the organization.
• Identify, assess, track and mitigate issues and risks at multiple levels
• Create, maintain and disseminate project information to stakeholders
• Drive effective teamwork, communication, collaboration and commitment across multiple disparate groups with competing priorities
• Drive the roadmap for building security and governance tools to solve innovative and unique problems that have not yet been solved within commercial off the shelf capabilities

Required Qualifications

• 3+ years of technical product or program management experience
• Experience managing programs across cross functional teams, building processes and coordinating release schedules
• 3+ years of working directly with engineering teams experience
• Working knowledge of global data privacy, information security regulations and policies
• Process building and project management
• Understanding of SDLC and Architecture System Design with the ability to ensure functionality and tradeoffs in terms of scalability, maintainability, extensibility, performance, and security.
• Bachelor's degree in engineering, computer science or equivalent

​

Preferred Qualifications

• Strong verbal and written communication skills with demonstrated experience engaging and influencing cross-functional stakeholders
• Working knowledge of system security vulnerabilities and remediation techniques, including penetration testing
• Demonstrated ability to understand and discuss technical concepts, manage trade-offs and evaluate new ideas with internal and external partners

Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status.

​

Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit https://amazon.jobs/content/en/how-we-hire/accommodations for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.

Global Risk and Security (GR&S) at Vanguard enables business strategy, protects client and Vanguard interests (e.g., assets and data), and stewards a strong risk culture. Our teams leverage enterprise-wide insights, deep expertise, and trusted advice so that across Vanguard leaders and crew drive faster, stronger, risk-informed decisions.

​

Within GR&S, the Enterprise Security and Fraud (ES&F) sub-division is responsible for the global protection of Vanguard crew, property, data, and client assets. We are the trusted advisors that protect the pride of Vanguard with state-of-the-art security and fraud capabilities.

​

As the Senior Cybersecurity Risk Advisor supporting Vanguard’s Global Enterprise Security (GES) function, you will play a pivotal role on a new team in Technology Risk focused on enhancing line 2 oversight of Vanguard’s Enterprise Security & Fraud services. In this role you will act as an independent challenger and advisor to the GES organization and will influence critical initiatives, execute risk assessments, manage top risks and ensure comprehensive controls exist while collaborating with other risk partners and business units across the global organization. This is a senior position that is dynamic, highly visible, and will allow you to deliver tangible value in enhancing our ability to protect clients as well as shape our new team’s strategy and vision.

​

An ideal candidate has a blend of risk management and broad cyber experience in areas such as DevSecOps, Vulnerability Management, AppSec, Third-Party Security, GRC, and Security Awareness. Strong communication and written skills are required to influence senior decision makers.

​

About Vanguard

​

At Vanguard, we don't just have a mission—we're on a mission.

​

To work for the long-term financial wellbeing of our clients. To lead through product and services that transform our clients' lives. To learn and develop our skills as individuals and as a team. From Malvern to Melbourne, our mission drives us forward and inspires us to be our best.

​

Our commitment to diversity, equity, and inclusion

​

Vanguard’s commitment to diversity, equity, and inclusion (DEI) is central to our ability to deliver on our mission. We aspire to create a work environment that is inclusive, equitable, and diverse—one that enables our employees, whom we call crew, to thrive and bring their best selves to work every day on behalf of our clients.

​

Cultivating DEI lifts our entire organization, and everyone shares accountability for our progress—from our senior leaders who lay the foundation and set the example for inclusive behaviors to crew who are growing in their personal DEI learning experiences.

​

Together, we’re on a mission. We are fueled by the value of diverse voices and connected through friendships and a culture of care—for our clients, our communities, and each other.

​

Vanguard’s DEI journey has no finish line. Our commitment is enduring, and we remain focused on the path ahead. To learn more about Vanguard goals and progress toward DEI, download our Diversity, Equity, and Inclusion Report.

​

How We Work

​

Vanguard has implemented a hybrid working model for the majority of our crew members, designed to capture the benefits of enhanced flexibility while enabling in-person learning, collaboration, and connection. We believe our mission-driven and highly collaborative culture is a critical enabler to support long-term client outcomes and enrich the employee experience.

• Provides risk guidance, oversight, and assurance services to enterprise and divisional partners based on the Vanguard's operational and strategic risk framework. Ensures the development and implementation of effective divisional risk controls. Provides expert level technical risk advice and direction across GES capabilities.
• Leads and manages the efficiency and effectiveness of technical risk management within GES. Sets measurable goals and examines ways to raise standards, to increase quality and to improve overall technical risk management efforts of the team. Measures departmental success in identifying and managing technical risk exposure, and identifies and prioritizes existing and emerging risks and advises on appropriate control design and testing.
• Provides technical risk and architecture thought leadership and expertise. Leads and assists GES in the development, implementation and management of short- and long-term technical risk management strategies in accordance with department goals and objectives, standard risk management policies and procedures, and the overall risk strategy.
• Works with GES to mitigate risks and optimize process efficiency. Uses expert IT industry best practice knowledge to design effective controls, and makes recommendations for developing new technical risk management strategies for the business. Provides consultation, facilitation and analytical support to the divisional management team as new products, services, processes and procedures are developed to ensure risk is properly mitigated. Identifies potential solutions and recommends development options.
• Develops and maintains strong relationships with enterprise and divisional clients to understand their ongoing risk needs. Acts as a thought partner to the business, and effectively persuades and influences others.
• Assesses the design of existing controls and make recommendations, leverages industry best practice for improvement as needed. Understands the risk management framework and utilizes the core concepts when discussing risk exposures with the business. Identifies and advises on opportunities for continuous quality improvement of technical standards, methodologies, and technologies.
• Participates in special projects and performs other duties as assigned.

Required Qualifications

• Undergraduate degree or equivalent combination of training and experience. Graduate degree preferred.
• Minimum of eight years experience in Risk Management, Cybersecurity, or IT
• Certificates in relevant domains (e.g. CISSP, CRISC, AWS, Azure, etc)
• Familiarity with relevant frameworks (i.e. NIST CSF, ISO 27001)

Special Factors

​

Sponsorship

Vanguard is not offering visa sponsorship for this position.

Summary

​

The Boeing Company is currently seeking a Cybersecurity – Senior Information System Security Manager (ISSM) to join the team in El Segundo.

The selected candidate will rely on cybersecurity and Information Assurance (IA) background to be a technical leader and support Enterprise activities and Boeing customers throughout multiple classified computing domains. The ISSM is responsible for ensuring all Information System Security policies, standards, and directives are enforced to support assessment, authorization and continued operation of information systems processing classified information.

​

Company Overview

​

The Boeing Company

• Oversee the development and deployment of program information security for all program systems to meet the program and enterprise requirements, policies, standards, guidelines and procedures (multiple locations)
• Manage assigned team to facilitate effective execution of Risk Management Framework (RMF)
• Provide guidance and coaching to support team within Information Security
• Manage and perform security compliance continuous monitoring
• Oversee and participate in security assessments and audits
• Prepare, review, and present technical reports and briefings
• Identify root causes, prioritize threats and recommend and/or implement corrective action
• Explore the enterprise and industry for evolving state of industry knowledge and methods regarding information security best practices
• Lead development of enterprise-wide information security policies, standards, guidelines and procedures that may reach across multiple stakeholder organizations

Basic Qualifications (Required Skills/Experience):

• Successfully completed Tier 5 Investigation (T5), formerly known as a Single Scope Background Investigation (SSBI) by the federal government within the last 5 years or requires candidate to have been enrolled in a Continuous Vetting program within the last 5 years
• Currently hold certification in good standing to satisfy IAM Level III (CISSP, GSLC, or CISM)
• 5+ years of experience in cybersecurity policies and implementation of Risk Management Framework (RMF): e.g. DAAPM, CNSSI 1253, ICD-503, JSIG, or NIST SP 800 series
• Active Counterintelligence (CI) Polygraph with ability to obtain a Full Scope (FS) Polygraph

​

Preferred Qualifications (Desired Skills/Experience):

• Bachelor's degree or equivalent work or military experience
• 5+ years of experience utilizing security relevant tools, systems, and applications in support of Risk Management Framework (RMF) to include: NESSUS, ACAS, DISA STIGs, SCAP, Audit Reduction, and HBSS
• 5+ years of experience in assessing and documenting test or analysis data to show cybersecurity compliance

Additional Position Responsibilities:

• Project Management
• Auditing
• Certification and qualification
• Cybersecurity systems threat and environment
• Emerging computing technology
• Government security regulations
• Hardware/software development
• Information assurance and protection
• Network systems and system security processes
• Vulnerability assessments

​

Drug Free Workplace:

Boeing is a Drug Free Workplace where post offer applicants and employees are subject to testing for marijuana, cocaine, opioids, amphetamines, PCP, and alcohol when criteria is met as outlined in our policies.

​

Pay & Benefits:

At Boeing, we strive to deliver a Total Rewards package that will attract, engage and retain the top talent. Elements of the Total Rewards package include competitive base pay and variable compensation opportunities.

​

The Boeing Company also provides eligible employees with an opportunity to enroll in a variety of benefit programs, generally including health insurance, flexible spending accounts, health savings accounts, retirement savings plans, life and disability insurance programs, and a number of programs that provide for both paid and unpaid time away from work.

​

The specific programs and options available to any given employee may vary depending on eligibility factors such as geographic location, date of hire, and the applicability of collective bargaining agreements.

​

Pay is based upon candidate experience and qualifications, as well as market and business considerations.

​

Summary pay range: $147,900 - $200,100

​

Language Requirements:

Not Applicable

​

Education:

Not Applicable

​

Relocation:

This position offers relocation based on candidate eligibility.

​

Export Control Requirement:

This position must meet export control compliance requirements. To meet export control compliance requirements, a “U.S. Person” as defined by 22 C.F.R. §120.15 is required. “U.S. Person” includes U.S. Citizen, lawful permanent resident, refugee, or asylee.

​

Safety Sensitive:

This is not a Safety Sensitive Position.

​

Security Clearance:

This position requires an active U.S. Top Secret/SCI Security Clearance (U.S. Citizenship Required). (A U.S. Security Clearance that has been active in the past 24 months is considered active)

​

Visa Sponsorship:

Employer will not sponsor applicants for employment visa status.

​

Contingent Upon Award Program:

This position is not contingent upon program award

​

Shift:

Shift 1 (United States of America)

​

Stay safe from recruitment fraud! The only way to apply for a position at Boeing is via our Careers website. Learn how to protect yourself from recruitment fraud - Recruitment Fraud Warning

​

Boeing is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national origin, gender, sexual orientation, gender identity, age, physical or mental disability, genetic factors, military/veteran status or other characteristics protected by law.

​

EEO is the law

​

Boeing EEO Policy

​

Request an Accommodation

​

Applicant Privacy

​

Boeing Affirmative Action, EEO Policy, and Harassment

​

Boeing Participates in E-Verify

​

• E-Verify (English)
• E-Verify (Spanish)

​

Right to Work Statement

​

• Right to Work (English)
• Right to Work (Spanish)