Senior Information System Security Officer II, Cyber Compliance

Company: RTX
Location: Del Mar
Posted on: September 14, 2020

Job Description:

Senior Computer System Security Technologist II Raytheon Missile &Defense (RMD) (Multiple Work Location options) RMD Digital Technology (RMD DT) - Cybersecurity & Compliance Information System Security Officer (ISSO) Be a part of cutting edge Technology and Innovation. Make your next move to Raytheon Missile & Defense (RMD). The RMD Digital Technology (DT) organization embraces the opportunity to deliver business value by connecting business insight with technical expertise and innovation. We're continuously pushing the envelope to create leading-edge secure technological solutions for complex systems and program challenges. In joining our team, you will have the opportunity to be an integral part of a team responsible for managing business risk through the implementation of cost effective IT controls. As a Senior Computer System Security Technologist II you will be a member of the RMD DT Information System Security Officer (ISSO) group. As an ISSO you will serve as an advisor on all technical and policy matters, involving the security of information systems assigned. In this role, you will partner with IT system administrators to assess unclassified information systems to assure compliance with applicable IT security policies, including but not limited to compliance with National Institute of Standards & Technology (NIST) Special Publication (SP) 800-171 and 800-53. As an ISSO you will support risk assessments and assist with selection of IT controls to achieve compliance. Your role will also include conducting assessments of Information Systems (ISs) seeking an Authority To Operate (ATO), assisting with the development of remediation plans and making recommendations to grant ATO for an IS to the Chief Information Security Officer (CISO). This role can be based at one of several RMD locations throughout the Domestic US: CA - San Diego (Primary), CA - Fullerton, IN - Fort Wayne, MA - Andover, MA - Marlborough, MA - Tewksbury, MA - Woburn. If relocation is absolutely necessary for the selected applicant (ie they do not live within commuting distance to any of the specified locations), support will be offered as a capped amount if the applicant is eligible per company policy. Responsibilities associated with this role are:

• Create, consult on, and ensure the completion of Security Assessment Packages (SAPs) for RMD managed systems as part of the Information Risk Assessment and Management Process (IRAMP).
• Capture and refine security requirements for ISs to which you are assigned.
• Ensure the security requirements are effectively integrated into the IS through purposeful security architecting, design, development, and configuration.
• Request export control review (according to RMD policy instruction PI-OGC-GTC-5012) for systems that process Export Controlled information.
• Assist IT system admins to complete and maintain SAPs for an IS, ensuring the SAP is kept current throughout the lifecycle of the IS.
• Perform assessments of ISs against associated SAPs including overlays.
• Monitor the operational security posture for ISs to which they are assigned and ensure the ISs operate in accordance with their SAP and have a current ATO.
• Conduct annual security reviews of assigned ISs.
• Initiate the IRAMP for an existing system if a proposed change affects the security controls or security posture of the IS or for expiring ATOs
• Conduct reviews and analysis of waiver requests for their assigned IS. Ensure that if the request is approved, the SAP Plan of Action and Milestones (POA&M) documents the residual risk(s) associated with the waiver.
• Contribute to successful completion of Information Security goals.
• Educate users/colleagues on information security topics such as policies, standards, guidelines and best practices. Required Skills:
  • 6+ years overall directly related Information Technology/Information Assurance experience or equivalent
  • Understanding the implementation of NIST SP 800-171 and/or NIST SP 800-53
  • Certified Information Systems Security Professional (CISSP), or equivalent
  • Proven experience with enterprise risk management concepts including strategic, operational and technical risk management.
  • Proven ability to assess system compliance against standards and IT Security Policies.
  • Ability to identify risks and propose risk mitigation solutions to harden systems.
  • Established technical writing skills Desired Skills:
    • Passion for information security and demonstrated willingness to be a life-long learner
    • CCNA, CISSP-ISSAP, CISSP-ISSEP or equivalent.
    • Ability to participate on cross-functional teams to resolve complex challenges and shape future opportunities.
    • Familiarity with audit concepts and strategies in a highly complex, regulated environment.
    • Excellent communication skills (written, verbal, presentation and influence).
    • Familiarity with DOD Defense Counterintelligence and Security Agency (DCSA) audit procedures
    • Familiarity with processes to harden computer systems.
    • Ability to work multiple complex initiatives simultaneously
    • Strong interpersonal skills - ability to dialogue, negotiate, influence and work with others collaboratively and constructively
    • Eligibility to obtain a US DOD Secret Security Clearance. Except in Rare Cases, only US Citizens are eligible to obtain US Security Clearances. Education (including Major):
      • BS/BA degree - Majors include (not limited to): Information Technology, MIS, Engineering, Science, Mathematics or Business
      • Non Degreed applicants with significant applicable experience will be considered at the hiring manager's discretion Raytheon Missile & Defense (RMD) continues to be in the Top 100 Best Places to Work in IT offering flexible work schedules including compressed work weeks, and telecommuting. As a company, RMD has also been recognized in the 100 Best Corporate Citizens, awarded especially high marks in the areas of the environment, philanthropy and financial transparency. Let us be your partner for achieving professional success, with opportunities to have flexible schedules, work in a diverse and supportive work environment, and gain access to professional learning and growth opportunities. 165975Raytheon is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, sex, sexual orientation, gender orientation, gender identity, national origin, disability, or protected Veteran status.

Keywords: RTX, San Diego , Senior Information System Security Officer II, Cyber Compliance, IT / Software / Systems , Del Mar, California