Job Description:
The Raytheon Intelligence & Space (RI&S) business is seeking an experienced federal compliance leader to lead a team in all aspects of federal cybersecurity risk, audit and compliance processes. The Director - Federal Risk & Compliance will be responsible for ensuring the RI&S network, programs, global sites and subsidiary security controls and processes are architected and designed in a manner to ensure continuous compliance with all federal policies, standards, regulations, procedures and applicable laws. The Director will be responsible for engaging with Enterprise Services, RI&S business product line leaders, program leaders, subsidiaries, global sites and process owners on the documentation, evaluation, and monitoring of the appropriate federal cybersecurity controls across the RI&S computing environment. The ideal candidate will also have experience in both compliance and operational audits, as well as prior hands-on cybersecurity experience in the defense industry and/or federal agencies.
Key Responsibilities:
* Manage and lead a team of IT security and compliance experts responsible for identifying and driving the RI&S business cybersecurity standards and processes needed to continuously comply with federal regulatory and legal standards along with their associated reporting requirements.
* Establish and maintain a program to track and monitor ATO and POAM completion to ensure timely execution of processes and plans to maintain compliance standards.
* Develop strategic roadmaps for capabilities and services to achieve RI&S federal compliance standards and authorizations (ATOs) at the speed of the business.
* Coordinate and support audit activities of the RI&S computing environment, focused on DoD and federal security controls, with process and control owners and internal/external auditors.
* Assist process and control owners to understand cybersecurity-related assessments and audit results, identify remediation options, prioritize and see them through to completion.
* Assist in the development of appropriate security documentation, including system security plans, information security policies and procedures to ensure compliance with government, legal, and regulatory standard requirements.
* Assist product line and program leaders in assessing compliance impacts to systems and applications.
* Stay abreast of current and emerging industry-related IT security federal regulations and compliance standards.
* Support RI&S and RTX participation in security forums and standards working groups.
Qualifications:
* 14+ years of progressive cybersecurity or compliance experience with a B.S. degree in Science, Technology, Engineering or Mathematics (STEM) or ten years of progressive cybersecurity or compliance experience, and an M.S./M.A. degree.
* Network architecture experience with advanced knowledge of network technologies/protocols and computer security concepts in a large-scale networking environment.
* Experience with operational, compliance, and IT security audit functions including NIST 800-53, NIST 800-37, NIST 800-171, and ISO 27001, or COBIT.
* Strong comprehension of Information Security concepts and practices including vulnerability and compliance tools and processes, awareness of vulnerabilities, emerging threats, and the ability to map adversarial tactics to effective controls.
* Demonstrated ability to lead, manage and be fully accountable for a geographically dispersed virtual team supporting a fast-paced work environment.
* Good social, verbal, and written communication skills, with demonstrated ability to develop and effectively communicate cybersecurity matters and processes to senior management and executive audiences.
* Strategic planning experience including documenting workflows, developing service roadmaps and future state plans.
* Strong deductive reasoning, critical thinking, problem solving, and prioritization skills.
* Certified security expert - CISSP or CISM and CISA.
* Existing Secret clearance required.
Desired Qualifications:
* Understanding of cloud-based IT systems or hybrid cloud delivery models, including designing, developing in, or transitioning systems and processes to the cloud.
* Understanding of developing, testing, implementing, and maintaining complex applications and/or databases, including web applications and interfaces.
* Six Sigma and/or Lean certification.
This position requires either a U.S. Person or a Non-U.S. Person who is eligible to obtain any required Export Authorization.
185277
Raytheon is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, sex, sexual orientation, gender orientation, gender identity, national origin, disability, or protected Veteran status.