Job opening ID
Roles and responsibilities
Must be a US Citizen w/Active Secret Clearance
W2 Contract position
9 month duration
Must be able to pass background and drug screen
The GBS IT Security group is seeking an experienced cybersecurity professional to fill the role of Information Assurance Cybersecurity Engineer in support of the Robotics Process Automation (RPA) program. As part of a team of cybersecurity Subject Matter Experts (SMEs) within the Information Assurance group, this person will be responsible for guiding and directing others on IA matters as part of cross functional team that builds and operates Raytheon's enterprise applications and systems. The Cybersecurity Engineer will also be responsible for ensuring IT Security requirements are integrated into the development process and lead the maturation of a security governance model for process automation for the enterprise environment. The Cybersecurity Engineer will also serve as the Raytheon Information Risk Assessment and Management Process (IRAMP) Officer for all automation applications. Additionally this role will be responsible for ensuring the Program’s security architecture aligns to Raytheon’s strategy for combating the Advanced Persistent Threat (APT).
•Provide Enterprise Architecture expertise for the planning, design and development of the required solution
•Collaborate with Architecture team to develop and maintain Reference Architecture
•Work with product team on solutions, and facilitate Global Security Services and Office of General Council approvals as needed
•Work with product team on solutions, and facilitate approvals as needed
•Ensuring the security authorization package and related elements are maintained and kept current throughout the lifecycle of the IS to which they are assigned. Includes reviewing and updating System Security Plans (SSPs) for the Program, performing annual security reviews and assessments of assigned systems.
•Conducting security impact analysis on all proposed changes affecting the infrastructure or security architecture of an assigned IS to determine whether updates or re-authorization to the SAP is required.
•Be the Program’s interface to the Cyber Threat Operations team, to quickly support the need to respond to new threats, develop response plan specific to the Program’s environment, and facilitating an impact analysis of planned responses.
•Awareness and incorporation of new IA/IT Security policies and strategic plans into development/sustainment processes.
•Guide and review releases and changes to systems, connectivity, capabilities, and processes to ensure appropriate controls are in place to mitigate risk and ensure policy and regulatory compliance.
•Lead design of architecture security control approaches (e.g. Agreement Objects, OCI, Container Access, etc.)
•Review and support enabling Identify Management services such as LDAP, Restricted Party Screening, LDAP Citizenship and Company data, Authentication Services (e.g. RSA SecurID, PKI Certs, etc.)
•Provide IA guidance on security vulnerabilities and appropriate mitigation
•Review designs to ensure IA security compliance and identify opportunities for improvement.
•Perform annual auditing of security controls for the Program’s environment
•Participate on industry recognized security related organizations to stay abreast of industry best practices in Enterprise Architecture
Contractor must physically work at any of the locations listed (no remote)
•A total of ten years of progressive IT Security and Enterprise Architecture experience with a related B.S./B.A. or eight years, and an M.S./M.A. degree
•Experience with NIST 800-53, 800-37
•Experience with Enterprise Architecture frameworks, e.g. TOGAF, Zachman Framework, DoDAF •Knowledge of network technologies/protocols and computer security concepts in large scale enterprise technology environments
•Extensive knowledge of Systems Engineering concepts
•Knowledge of vulnerability assessment and management approaches and solutions
•Strong comprehension of Information Security practices including identifying risks, emerging cybersecurity threats, and risk mitigation processes
•Demonstrated ability to lead and be fully accountable in a geographically dispersed virtual and fast paced work environment
•Good social, verbal, and written communication skills, with demonstrated ability to effectively present analytical data to a variety of technical and non-technical audiences
•Strong deductive reasoning, critical thinking, problem solving, and prioritization skills.
•Ability to obtain and maintain a U.S. Government Secret Security Clearance
•Knowledge and experience in Security Governance
•Familiarity with project management concepts
•Certified security expert – CISSP or CISM
•Enterprise Architecture certifications (RCAP, Open CA)
•Penetration Testing experience (GPEN or CEH certifications a plus)
•Knowledge of security risk associated with bot deployment in an enterprise environment
Positions Available In:
Number of positions