The Boeing Company
Mid-levelVulnerabilityAssessments&InfrastructureSpecialist-Vulnerability&AttackSurfaceManagement(VASM)
Neural analysis suggests this role is
optimal for Mid-level candidates.
“Mid-level Vulnerability Assessments & Infrastructure Specialist - Vulnerability & Attack Surface Management (VASM) at The Boeing Company. Skills: Vulnerability Management, Attack Surface Management, Infrastructure Security, Application Security. Operate vulnerability assessment platforms. Optimize vulnerability assessment platforms”
Industry & Context.
Troubleshooting; Root cause analysis
U.S. Person required, Export control compliance
What They're Looking For.
Must Have
5+ years vulnerability scanning concepts, 5+ years enterprise vulnerability platforms, 5+ years Linux/Windows Security, 5+ years foundational networking issues, 5+ years network scanning/assessments, 5+ years analyzing vulnerability findings, 5+ years managing scan configurations
Nice to Have
Security+ certification, CISSP certification, CRISC certification, Vendor/tool-specific certifications, Application security exposure, Ingest/correlate AppSec findings, Integrate vulnerability management with AppSec pipelines, Integrate with DevSecOps toolchains, CI/CD integration, SCA experience, Container scanning experience, Boeing subsidiaries experience, Boeing mission domains experience, Boeing supply chain experience, CVSS risk rating, CISA SSVC risk rating, Organization-specific risk models, Threat intelligence correlation
What You'll Do.
Operate vulnerability assessment platforms
Optimize vulnerability assessment platforms
Integrate AppSec platforms
Identify security findings
Validate security findings
Prioritize security findings
Perform technical exploitability analysis
Perform business-impact assessments
Translate findings into remediation actions
Contribute to assessment playbooks
Contribute to scanning standards
Contribute to AppSec scanning pipelines
Contribute to reporting automation
Improve detection fidelity
Improve remediation velocity
Execute vulnerability assessments
Perform infrastructure discovery
Perform application discovery
Perform authenticated scanning
Perform targeted assessments
Configure vulnerability scanning platforms
Tune vulnerability scanning platforms
Maintain vulnerability scanning platforms
Manage scan credentials
Manage scan schedules
Distinguish true positives
Distinguish false positives
Identify environmental constraints
Identify configuration constraints
Correlate scanner output
Correlate threat intelligence
Correlate application findings
Correlate asset criticality
Produce contextualized risk ratings
Produce remediation priorities
Assess exploitability
Assess lateral movement potential
Assess operational impact
Create remediation plans
Coordinate compensating controls
Coordinate risk-accepted outcomes
Track remediation burndown
Escalate high-risk items
Produce executive reports
Produce technical reports
Collaborate with VASM teams
Collaborate with AppSec teams
Collaborate with DevSecOps teams
Collaborate with engineering teams
Collaborate with IT teams
Operationalize scanning capabilities
Integrate AppSec pipelines
Reduce noise through tuning
Reduce noise through automation
Contribute to continuous improvement
Drive automation of ingestion pipelines
Drive automation of correlation pipelines
Standardize playbooks
Deliver training to remediation owners
Deliver training to subsidiary teams
How You'll Work.
Team & Collaboration
VASM teams; AppSec teams; DevSecOps teams; Engineering teams; IT teams; Remediation owners; Subsidiary teams
Communication Scope
Executive presentations; Technical reports
Full Job Description
Mid-level Vulnerability Assessments & Infrastructure Specialist - Vulnerability & Attack Surface Management (VASM) **Company:** The Boeing Company The Boeing Company is currently seeking a **Mid-level Vulnerability Assessments & Infrastructure Specialist - Vulnerability & Attack Surface Management** **(VASM)** to join the team in Kent, WA; North Charleston, SC; Hazelwood, MO; Mesa, AZ; El Segundo, CA; or Plano, TX. The Boeing Company is seeking a Mid-level Vulnerability Assessments & Infrastructure Specialist to join the Vulnerability & Attack Surface Management (VASM) team. This hands-on role supports vulnerability management across the Boeing estate and subsidiaries, providing vulnerability risk analysis, application security support, and remediation orchestration for both infrastructure and applications. The ideal candidate combines practical experience operating enterprise vulnerability assessment platforms, applied application security knowledge, foundational infrastructure and networking skills, and business-context awareness of Boeing’s lines of business and subsidiaries. VASM protects Boeing’s global mission by identifying, validating, and driving remediation of vulnerabilities across cloud, datacenter, operational technology (OT), and application environments, including systems managed by Boeing Commercial Airplanes, Boeing Defense, Space & Security, Boeing Global Services, and key subsidiaries and supplier integrations. You will help close security gaps that could impact safety, supply chain continuity, regulatory compliance, or operational availability. **Position Responsibilities:** * Operate and optimize enterprise vulnerability assessment platforms and AppSec integrations to identify, validate, and prioritize security findings across infrastructure and applications * Perform technical exploitability analysis and business-impact assessments * Translate findings into prioritized, operationally feasible remediation actions for engineering, Information Tec
Applying for this Mid-level Vulnerability Assessments & Infrastructure Specialist - Vulnerability & Attack Surface Management (VASM) role?
Most applicants get filtered before a human reads their resume. See if yours makes the cut.
How to Apply on Workday
- Workday has a multi-step form — save your progress after every section.
- "Apply With LinkedIn" can fail or lose data; manual entry is more reliable.
- Watch for the "Submit for Review" final step — hitting "Save" alone does not submit.
- Job requisition numbers are useful when following up with HR by email.
ANONYMOUS · UNFILTERED
What do employees actually say about The Boeing Company?
Real rants from real employees. Read before you apply.