Nestled in Waltham, MA, Raytheon Company is an international technology and innovation firm in aerospace and defense, providing electronics, mission systems integration and other capabilities in the areas of sensing; effects; and command, control, communications and intelligence systems; as well as a broad range of mission support services for a wide variety of government and commercial customers. Besides its global business services segment the company runs four operations: Integrated Defense Systems; Intelligence, Information and Services; Missile Systems; Space and Airborne Systems. Working toward the goal of making the world a safer place, the company offers career paths to you if you consider yourself mission-driven who thrives on continual learning, big ideas and real challenges. Job openings are not only available for professionals, but also for recent graduates & interns; moreover the company offers a Relaunch Program, a unique opportunity for experienced professionals returning to the workforce after taking a career break. A comprehensive and competitive benefits package is accessible for you, containing elements of health care, income protection, investment/retirement and work/life benefits. As one of the earliest technology start-ups Raytheon was established in Cambridge, home of the Institute of Technology, as the American Appliance Company in 1922.
Raytheon IT Security organization is seeking an experienced Principal Cyber Technologist to support Raytheon’s global cybersecurity compliance needs by supporting programs, proposal teams, and global growth opportunities. This is an area of critical importance for Raytheon as the number of compliance requirements required by the DoD via services, components, and agencies continues to grow exponentially. As the importance of cybersecurity protections grows globally, countries across the world impose new cybersecurity standards via contract language on Raytheon businesses operating globally.
The Principal Technologist will be a member of the Global Cyber Compliance Services team, an enterprise service designed to proactively plan and execute focused strategies to establish and maintain cyber compliance with new and existing U.S. and global cybersecurity regulations.
The ideal candidate will have practical experience interpreting and applying cybersecurity standards in an enterprise environment to include NIST 800-171 and application of DoD DFARS
cybersecurity requirements, an understanding of government contracting processes, familiarity with NIST SP 800-37
Risk Management Framework, NIST 800-53 Cybersecurity Maturity Model Certification (CMMC), and related non-US cyber compliance frameworks such as Cyber Essentials, ISO27001 and Australia Signal Directorate cyber controls. Also have experience briefing senior leaders and representing an organization or position in interactions with senior DoD members from cross functional areas of legal, supply chain, contracting, and cybersecurity.Job Description:
- Provide program, proposal and security control analysis and gap assessments
- Develop and deploy cybersecurity best practices
- Help programs achieve auditable cybersecurity control compliance
- Support for customer audits, and compliance reviews
- Support for source selection and competitive bid (RFI and RFP) process
- Provide guidance for developing System Security Plans and Plan Of Action and Milestones
- Research to stay ahead of changes in the cybersecurity regulatory landscape
- Minimum 8+ years of progressive IT security or compliance experience and a bachelors' degree or equivalent combination of experience and schooling/certifications in lieu of degree
- Operational knowledge of IT security control frameworks including Center for Internet Security Critical Security Controls (formerly SANS Top 20), NIST SP 800-53 Rev.4, ISO 27001, and/or NIST SP 800-171 Rev. 1
- Knowledge of network technologies/protocols and computer security concepts in small, medium, and large scale Enterprise technology environment
- Experience in documentation of processes and internal IT security controls
- Strong social, verbal, and written communication skills, with demonstrated ability to effectively present analytical data to a variety of technical and non-technical audiences
- Strong deductive reasoning, critical thinking, problem solving, and prioritization skill
- Collaborative team member with a cross functional, multi-discipline team within Raytheon
- Certified security expert – CISSP, CGEIT, CRISC, ISSMPor other IT Security related certifications
- Willing to travel based on operational requirements
- This position requires the eligibility to obtain a security clearance. Except in rare circumstances, only U.S. citizens are eligible for a security clearance
- This position requires either a U.S. Person or a Non-U.S. Person who is eligible to obtain any required Export Authorization
- Familiarity with DoD Cybersecurity Maturity Model Certification (CMMC)
- Exposure to IT policy and procedure development
- Knowledge of and experience with assessing non-US IT security control frameworks such as ISO270001 and UK Cyber Essentials
- Project Management experience
Bachelor’s in Computer Science, information Systems, Cyber or related discipline or equivalent combination of experience and schooling/certifications in lieu of degree
Raytheon is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, sex, sexual orientation, gender orientation, gender identity, national origin, disability, or protected Veteran status.