The Boeing Company

MidlevelVulnerabilityAssessments&InfrastructureSpecialistVulnerability&AttackSurfaceManagement(VASM)

$116–168k Kent, Washington, United States FULL TIME

The Brief

“Mid-level Vulnerability Assessments & Infrastructure Specialist - Vulnerability & Attack Surface Management (VASM) at The Boeing Company. Skills: Vulnerability Management, Attack Surface Management, Infrastructure Security, Application Security. Operate vulnerability assessment platforms. Optimize vulnerability assessment platforms”

What You'll Achieve.

Close security gaps

Industry & Context.

Problems you'll solve

Troubleshooting; Root cause analysis

Eligibility Requirements

U. S. Person required

What They're Looking For.

Must Have

5+ years vulnerability scanning, 5+ years enterprise vulnerability platforms, 5+ years Linux/Windows Security, 5+ years foundational networking, 5+ years network scanning/assessments, 5+ years analyzing vulnerability findings, 5+ years managing scan configurations

Nice to Have

Active Security+ certification, CISSP certification, CRISC certification, Vendor/tool-specific certifications, Application security exposure, Ingest/correlate AppSec findings, Integrate vulnerability management with AppSec pipelines, Experience with CI/CD integration, Experience with SCA, Experience with container scanning, Experience with Boeing subsidiaries, Experience with Boeing mission domains, Experience with Boeing supply chain, Experience with CVSS, Experience with CISA SSVC, Experience with organization-specific risk models, Experience with threat intelligence correlation

What You'll Do.

Operate vulnerability assessment platforms

Optimize vulnerability assessment platforms

Integrate AppSec platforms

Identify security findings

Validate security findings

Prioritize security findings

Perform technical exploitability analysis

Perform business-impact assessments

Translate findings into remediation actions

Contribute to assessment playbooks

Contribute to scanning standards

Contribute to AppSec scanning pipelines

Contribute to reporting

Contribute to automation

Execute vulnerability assessments

Perform infrastructure discovery

Perform application discovery

Perform authenticated scanning

Perform targeted assessments

Configure vulnerability scanning platforms

Tune vulnerability scanning platforms

Maintain vulnerability scanning platforms

Identify environmental constraints

Identify configuration constraints

Correlate scanner output

Correlate threat intelligence

Correlate application findings

Correlate asset criticality

Produce contextualized risk ratings

Produce remediation priorities

Assess exploitability

Assess lateral movement potential

Assess operational impact

Create remediation plans

Coordinate compensating controls

Coordinate risk-accepted outcomes

Track remediation burndown

Track Service Level Agreements

Escalate high-risk items

Produce executive reports

Produce technical reports

Collaborate with VASM teams

Collaborate with AppSec teams

Collaborate with DevSecOps teams

Collaborate with engineering teams

Collaborate with IT teams

Operationalize new scanning capabilities

Integrate AppSec pipelines

Contribute to continuous improvement

Drive automation of ingestion pipelines

Drive automation of correlation pipelines

Standardize playbooks

Deliver training to remediation owners

Deliver training to subsidiary teams

How You'll Work.

Team & Collaboration

Cross-functional teams; Engineering teams; IT teams; Subsidiary stakeholders

Communication Scope

Executive reports; Technical reports

Process & Methodology

Remediation planning, Service Level Agreements

Free ATS check

Applying for this Mid-level Vulnerability Assessments & Infrastructure Specialist - Vulnerability & Attack Surface Management (VASM) role?

Most applicants get filtered before a human reads their resume. See if yours makes the cut.

Should you apply? AI reads your resume vs this job — match score, gaps to address, ATS keywords.

Skill Signal 28 detected

Required

Vulnerability assessment ×3

Exploitability analysis ×3

Risk assessment ×3

Network scanning ×3

Threat intelligence correlation ×3

Vulnerability Management ×2

Attack Surface Management ×2

Infrastructure Security ×2

Application Security ×2

Nice to have

Linux Security

Windows Security

TCP/IP

DNS

Routing

Firewalls

SAST

SCA

DAST

Container security

Role Details

Seniority

mid

Work Mode

Onsite

Type

FULL TIME

Experience

2–5 yrs

Salary Band

100k-150k

AI-Extracted Insights

Domain Areas

cloud-environments

datacenter-environments

operational-technology

ot-environments

legacy-systems

supply-chain-continuity

regulatory-compliance

Certifications

Security+

CISSP

CRISC

How to Apply on Workday

Workday has a multi-step form — save your progress after every section.
"Apply With LinkedIn" can fail or lose data; manual entry is more reliable.
Watch for the "Submit for Review" final step — hitting "Save" alone does not submit.
Job requisition numbers are useful when following up with HR by email.

ANONYMOUS · UNFILTERED

What do employees actually say about The Boeing Company?

Real rants from real employees. Read before you apply.

Read Company Rants →