Principal Specialist, Cyber Security Auditor
RMA99: RTN Remote, Massachusetts
Date Posted:
2024-12-03Country:
United States of AmericaLocation:
RMA99: RTN Remote, MassachusettsPosition Role Type:
RemoteAt Raytheon, the foundation of everything we do is rooted in our values and a higher calling – to help our nation and allies defend freedoms and deter aggression. We bring the strength of more than 100 years of experience and renowned engineering expertise to meet the needs of today’s mission and stay ahead of tomorrow’s threat. Our team solves tough, meaningful problems that create a safer, more secure world.
What You Will Do
The Principal Specialist Cyber Security & Risk Management Auditor acts as part of a highly talented team of cybersecurity professionals within the Digital Technology Governance, Risk and Compliance (GRC) organization, an entity that evaluates the effectiveness and adequacy of the company’s security and operational controls to ensure compliance with all pertinent policy and regulatory requirements. You will provide support and service across all mission areas and act as an integral part of executing on both functional and business strategy that ultimately enables us to fully comply with complex and evolving customer (DoD and USG) and RTX cybersecurity compliance requirements.
Responsibilities to Anticipate:
Execute assessment diligence in alignment with business long-term functional and cyber compliance strategy and goals to ensure compliance with company policy, DoD & US cyber regulations, and global contractual cybersecurity requirements for a multi-billion-dollar business unit.
Prepare all mission areas, sites, and programs for internal, 3rd party, DCMA, and Cybersecurity Maturity Model Certification (CMMC) audits and assessments to help detect noncompliance that could result in negative business outcomes (CARs, fines, and/or loss of contract awards, reputation, and market share).
Participate in domestic and international compliance readiness efforts, including establishment and solidification of cybersecurity compliance requirements, to include landed companies and Joint Ventures for all current and future contracts and work requirements supporting U.S. national and coalition warfighters.
Conduct site-level testing and assessment to measure local compliance with RTX policy and associated NIST 800-171 controls. As required, execute onsite visits to conduct validation and verification assessments to confirm issue status and promote high level audit readiness.
Conduct full scale assessment of site level documentation to assess whether critical processes are fully documented and executed per policy.
Execute processes/tools/methodology to detect security control issues and document observations and associated remedial actions in Digital GRC system of record.
Actively identify weaknesses or vulnerabilities, make recommendations for fully remediating/addressing issues noted, and support remedial action closure.
Audit/Assess program Security Accreditation Plans (SAPs) against current and future DoD, DFARS and CMMC regulatory requirements to ensure personnel are executing official security plans as designed.
Travel to company locations as necessary
Qualifications You Must Have
Typically, a bachelor’s degree in information technology, business, or STEM, and 5 years of related Digital Technology/IT Security experience is required.
Experience with NIST SP 800-171A and NIST SP800-53 control implementation and assessment.
Must have either a Certified Information Systems Auditor (CISA), Certified Information Systems Manager (CISM), and/or Certified Information Systems Security Professional (CISSP) certification
Experience executing baseline audits of physical sites, business applications, and/or frameworks to include control identification, testing, and risk stratification.
Experience with assessment of information system compliance against internal and external standards and policies, accreditation plans, and pertinent regulatory requirements.
Experience summarizing audit / assessment engagements and results, including the composition of formal reports and remedial action plans.
The ability to obtain and maintain a US security clearance. U.S. citizenship is required as only U.S. citizens are eligible for a security clearance
Qualifications We Prefer:
Experience designing and deploying audit engagements, overseeing security assessments and/or compliance testing and data analytics, preferably in a medium to large organization.
Knowledge or Experience with IoT/OT Cybersecurity
Knowledge or Experience with Cloud Environments (AZURE, AWS)
Knowledge or Experience with AI/ML
Project Management experience
Proficiency in automating security assessments and audits
Knowledge or Experience with Power BI, Jira, and Archer
What We Offer
Our values drive our actions, behaviors, and performance with a vision for a safer, more connected world. At RTX we value: Trust, Respect, Accountability, Collaboration, and Innovation.
Relocation assistance is not available.
Learn More & Apply Now!
RTX solves some of the toughest challenges in aerospace and defense. That requires expansive thinking and bold innovation – and that, in turn, requires a culture that is diverse, equitable and inclusive.
We embrace individuality and diversity of thought to fuel opportunity for our employees, our customers, and our communities. We work toward progress, knowing that a more inclusive world is critical to our mission. Not just in this moment, but always.
Please consider the following role type definition as you apply for this role.
Remote: Employees who are working in Remote roles will work primarily offsite (from home). An employee may be expected to travel to the site location as needed.
RTX is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.
Privacy Policy and Terms:
Click on this link to read the Policy and Terms
ApplyJob Profile
Onsite U.S. citizenship U.S. Citizenship is required
Benefits/PerksAccountability Career development opportunities Collaboration Dental Disability Diversity of thought Employee Assistance Program Flexible Spending Flexible Spending Accounts Flexible work schedules Innovation Life Insurance Medical Paid Time Off Parental leave Relocation assistance Remote work Respect Scholar program Supportive team environment Trust Vision
Tasks- Collaboration
- Conduct site-level testing
- Cybersecurity
- Documentation
- Document observations
- Ensure compliance
- Execute compliance assessments
- Identify vulnerabilities
- Prepare for audits
- Project management
- Risk Management
- Support
- Testing
Aerospace AI Analytics Applications Assessment Audit Audits AWS Azure BI Business Business applications Business strategy Cloud Cloud environments CMMC Collaboration Compliance Compliance Testing Contracts Controls Cybersecurity Cyber Security Data Defense DFARS Digital Digital technology Documentation Engineering Governance GRC Implementation Information systems Information Systems Security Information Technology Innovation IoT IT Jira ML NIST NIST 800-171 NIST 800-53 Operational controls Organization Power BI Project Management Recommendations Regulatory requirements Remediation Risk Management Security Security assessments Security Clearance Security Controls STEM Strategy Testing Training
Experience5 years
EducationAnalytics AS Bachelor Bachelor's Bachelor’s degree in Information Technology Business Cybersecurity Degree Education Engineering Information Systems Information Technology IT Project Management STEM Technology
CertificationsCertified Information Systems Auditor (CISA) Certified Information Systems Manager (CISM) Certified Information Systems Security Professional (CISSP) CISA CISM CISSP Project Management
TimezonesAmerica/Anchorage America/Chicago America/Denver America/Los_Angeles America/New_York Pacific/Honolulu UTC-10 UTC-5 UTC-6 UTC-7 UTC-8 UTC-9