Date Posted: 2024-10-29
Country: United States of America
Location: RVA99: RTN Remote, Virginia
Position Role Type: Hybrid
RTX Corporation is an Aerospace and Defense company that provides advanced systems and services for commercial, military and government customers worldwide. It comprises three industry-leading businesses – Collins Aerospace Systems, Pratt & Whitney, and Raytheon. Its 185,000 employees enable the company to operate at the edge of known science as they imagine and deliver solutions that push the boundaries in quantum physics, electric propulsion, directed energy, hypersonics, avionics and cybersecurity. The company, formed in 2020 through the combination of Raytheon Company and the United Technologies Corporation aerospace businesses, is headquartered in Arlington, VA.
To realize our full potential, RTX is committed to creating a company where all employees are respected, valued and supported in the pursuit of their goals. We know companies that embrace diversity in all its forms not only deliver stronger business results, but also become a force for good, fueling stronger business performance and greater opportunity for employees, partners, investors and communities to succeed.
The following position is to join our RTX Corporate Enterprise Services - Cybersecurity Governance, Risk & Compliance – Digital Risk Team:
Role Overview:
We're looking for a highly motivated individual with a strong work ethic and the ability to work in a collaborative, fast-paced, changing environment. As the Associate Director of the Digital 3rd Party Risk Management and Assessment for our Vendor Team, you will play a crucial role in managing and mitigating risks associated with 3rd party technology vendors. This role requires a forward-thinking leader with expertise in digital 3rd party risk management and assessment.
What You Will Do:
The Associate Director, Digital 3rd Party Risk Management and Assessments (Vendors) is responsible for establishing and managing the Digital 3rd Party Vendor Program for Enterprise Services, Pratt & Whitney, Collins Aerospace and Raytheon. In this role you will lead a team of talented professionals who will conduct cybersecurity assessments of 3rd party technology vendors to determine their ability to protect RTX and Customer data as required by cybersecurity, privacy, financial, federal, state, industry and international laws and regulations. You will design, deploy and operate a robust set of 3rd party risk & assessment services for Enterprise Services and the BUs. In this role you will work closely with service owners, subject matter experts, business unit & functional stakeholders, and key vendors (e.g. Dell, Microsoft, Cisco, Archer) to test and report on the ability of our vendors to protect sensitive RTX and customer data. This role reports into the Director, 3rd Party Digital Risk & Resilience and has responsibilities that include:
- Conduct thorough initial & ongoing risk assessments and due diligence required to evaluate the cybersecurity posture and compliance with DoD and industry regulations of 3rd party vendors.
- Develop & test incident response plans that include 3rd party vendors.
- Ensure 3rd party vendors handling RTX and Customer sensitive data have robust recovery plans and can support continuity of operations.
- Ensure 3rd party vendors comply with all relevant regulations and industry standards for cybersecurity, ITAR and privacy.
- Conduct periodic reassessments of 3rd party vendors' sensitive data handling practices.
- Establish regular communication channels with 3rd party vendors for reporting and managing risk.
- Effectively manage communications and statuses across relevant stakeholders (from senior leaders to technical SMEs).
- Build presentations/content adjusted to a given audience on program strategy and status.
- Establish and maintain 3rd party risk & assessment metrics and scorecards for RTX vendors.
- Manage both direct and matrixed resources to accomplish key deliverables.
Qualifications You Must Have:
- Requires a University Degree or equivalent experience and a minimum 12 years of experience, or an Advanced Degree and a minimum 10 years of experience.
- 6+ years of significant and demonstrated experience in leading large-scale programs or initiatives in multi-national organizations.
- 3+ years of experience with or within a cybersecurity organization.
- At least one of the following certifications: Certified Compliance & Ethics Professional (CCEP), Certified Information Systems Auditor (CISA) or Certified Information System Security Professional (CISSP) required.
- Must be authorized to work in the U.S. without sponsorship now or in the future. RTX will not offer sponsorship for this position.
Qualifications We Prefer:
- Familiarity with U.S. DoD and International cybersecurity and privacy Laws (e.g. GDPR) and Regulations.
- Familiarity with supply chain management and specific challenges related to 3rd party risk & assessment in the aerospace & defense sector.
- Strong background in cybersecurity principles, including threat detection, incident response and vulnerability management.
- Deep understanding of the aerospace & defense industry, including its unique regulatory and compliance requirements (e.g. ITAR, DFARS, NIST).
- Hands-on experience in managing 3rd party supplier relationships from on-boarding to off-boarding.
- Knowledge of best practices in vendor management and performance monitoring.
- Current U.S. Security Clearance.
Work Location: Remote
Please consider the following role type definition as you apply for this role:
Remote: This position is currently designated as remote. However, the successful candidate will be required to work from one of the 50 U.S. states (excluding U.S. Territories). Employees who are working in Remote roles will work primarily offsite (from home). An employee may be expected to travel to the site location as needed.
RTX is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.