Cyber Supply Chain Analyst

Job Description
At Boeing, we innovate and collaborate to make the world a better place. We're committed to fostering an environment for every teammate that's welcoming, respectful and inclusive, with great opportunity for professional growth. Find your future with us.
Location:
Brisbane
Category:
Business Support
Position Type:
Permanent
Job Reference:
BOE/1919310
Attachments:
No File Attached
Share This:
Boeing Defence Australia is shaping the future of aerospace and delivering some of the nation's most important programs for the Australian Defence Force.
Joining us is a chance to make your mark, working with a diverse team that is united in pushing the boundaries of imagination and excellence.
We currently employ more than 3,000 people across 14 sites in Australia and three international locations and have a range of opportunities available as we plan for future growth.
The opportunity
Boeing Defence Australia is recruiting a Cyber Supply Chain Risk Analyst to manage our third-party supply chain risk function. In this role you will mature the C-SCRM program across advanced aerospace, autonomous systems and sustainment portfolios to meet Australian Government and Defence security frameworks. You will develop methodologies to identify critical suppliers and supply chain dependencies, perform Foreign Ownership control and Influence and Software Bill of Materials based risk assessments, and translate technical findings into actionable remediation and contractual controls.
Working closely with Procurement, Legal, Engineering and program leadership, you will mature vendor monitoring and incident response processes, deliver governance reporting and metrics for Senior Leadership, and lead training to elevate organisational supply chain security. The ideal candidate is an Australian citizen eligible for NV1 clearance with at least five years' experience in cyber risk and supply chain security, demonstrable application of PSPF/DSPF/ISM, cloud security awareness, and a track record of managing high-value sovereign vendors.
Responsibilities:

• Work with all levels of the business to enhance cyber-related vendor management processes
• Mature methodologies for identifying critical suppliers, manufacturers and distributors and for identifying and mitigating cyber supply chain risks including risk emerging from Foreign Ownership Control and Influence (FOCI)
• Incorporate critical regulatory controls into processes including PSPF, DSPF and ISM.
• Report to various councils and governance committees, including against a set of defined metrics,
• Recommend enhanced processes for handling vendor cybersecurity incident monitoring and response
• Contribute to training in cyber supply chain risk reduction.

Experience/Qualifications

• An Australian Citizen with the ability to hold and maintain NV1 security clearance.
• Minimum of 5 years of experience in information security, with a focus on Cyber Risk and Supply Chain
• A bachelor's degree in cyber security, Information Technology, Risk Management, or equivalent industry experience.
• Demonstrated experience applying the Protective Security Policy Framework (PSPF), Defence Security Principles Framework (DSPF) and the Australian Government Information Security Manual (ISM).
• Proven ability to conduct technical and non-technical risk assessments, including Foreign Ownership, Control, or Influence (FOCI) and Software Bill of Materials (SBOM) analysis.
• Familiarity with cloud security principles and technologies and how they impact supply chain integrity in a hybrid environment.
• Experience managing and auditing high-value external vendors to ensure they meet rigorous sovereign security obligations.
• Demonstrated ability to partner with Procurement, Legal, and Engineering teams to embed security requirements into commercial contracts and statements of work.
• Strong communication skills, both verbal and written, with the ability to convey complex security concepts to non-technical stakeholders.

Culture
We are committed to building a diverse and inclusive workplace. Female applicants, people of Aboriginal or Torres Strait Island descent and ex-defence personnel are encouraged to apply.
Benefits

• Flexible working options
• Study assistance
• Salary packaging
• Employee Incentive Program
• Global opportunities

How to apply
If you are ready to join an innovative industry leader, click Apply Now.
Equal Opportunity Employer:
We are an equal opportunity employer. We do not accept unlawful discrimination in our recruitment or employment practices on any grounds including but not limited to; race, color, ethnicity, religion, national origin, gender, sexual orientation, gender identity, age, physical or mental disability, genetic factors, military and veteran status, or other characteristics covered by applicable law.
We have teams in more than 65 countries, and each person plays a role in helping us become one of the world's most innovative, diverse and inclusive companies. We are proud members of the Valuable 500 and welcome applications from candidates with disabilities. Applicants are encouraged to share with our recruitment team any accommodations required during the recruitment process. Accommodations may include but are not limited to: conducting interviews in accessible locations that accommodate mobility needs, encouraging candidates to bring and use any existing assistive technology such as screen readers and offering flexible interview formats such as virtual or phone interviews.