Raytheon IT Security Director in Tucson, Arizona
The RMS IT Security Operations is led by the IT Security Director/CISO and reporting to the RMS Chief Information Officer (CIO). The RMS IT Security Operations delivers services, support and governance relating to the security and risk mitigation of Raytheon’s unclassified information, computer systems, data and networks. The RMS IT Security Director/CISO is responsible for the management and direction of staff in identifying, developing, implementing and maintaining processes across the organization to reduce information and information technology (IT) risks, respond to incidents, establish appropriate standards and controls, and direct the establishment and implementation of policies and procedures. Additionally, the RMS IT Security Director/CISO provides information security subject matter expertise to senior and executive management in both operational and strategic endeavors. General Responsibilities: · Participate with top managers in developing and recommending business unit or corporate-wide policies. · Proactively protect the confidentiality, integrity, and availability of Company information and systems. · Consult with Enterprise Security Services and IT staff to evaluate, select, install, and configure hardware and software systems that provide appropriate security functionality. · Communicate unresolved security exposures, misuse, or noncompliance situations to Corporate IT Security, IT management, Global Security Services, and senior management, in accordance with established protocols. · Provide expert knowledge into the identification and integration of security tools, technologies, processes, and capabilities to help protect company information resources. · Provide direction and guidance to IT staff for remediation and compliance. · Participate in or lead gate reviews for projects. · Participate in investigations of suspected information security breaches and policy violations. · Provide technical expertise and guidance on the methods and approaches to information assurance as well as the administration of security tools that control and monitor information security. · Participate in the creation of RMS IT Security policies/directives, procedures, instructions, and processes in support of information security. · Develop and implement programs, seminars, workshops, and bulletins to further end-user information security education and awareness. · Maintain technical reference library; develop training material and workshops for IT, program and security staff as appropriate. · Works with Governance Committee and Leadership as appropriate to make strategic/tactical decisions on administrative or operational issues affecting the IT Security organization. Required Skills: Technical · 14 Years’ experience; preferably in system design and development activities related to Engineering, Science, Information Assurance, and/or Computer Science, including 10+ years’ experience in management. · Information Security Certifications (CISSP ® , GSLC, GSIP, or equivalent industry certifications) · Ability to deliver security solutions that balance business requirements and information related security risks by applying the 5 basic architectural approaches of “Defense-In-Depth” (Uniform protection, Protected enclaves, Threat vector analysis, Information centricity, and Role-based access control). · Expert knowledge of risk assessment procedures, authorization methodologies, authentication technologies, and security attack pathologies. · Strong knowledge of the TCP/IP protocol and standards, perimeter security, defense-in-depth implementations, data leak prevention, encryption, secure software development, compliance frameworks, and DoD and NIST security standards. Non-Technical · Demonstrated ability to document and defend proposed/developed practices and strategies during technical and program reviews. · Demonstrated ability to relate business requirements and risks for security-related issues. · Demonstrated ability to conduct briefings and technical meetings for top management and customer representatives. Strongly Desired Qualifications, Skills, and Knowledge · Ability to serve as a principal spokesperson for the business unit and/or IT function on highly significant matters related to information security and risk management. · Strong communication skills - oral, written and presentation. Strong political and business acumen skills to integrate across multiple stakeholders with competing priorities. · Ability to work effectively as part of an inter-organizational team as well as an individual contributor. Must be able to navigate complex, matrix organizations at multiple business unit and enterprise levels, both internally and externally. · 5 years’ experience developing and implementing SOA, Mobility, Virtualization and other pertinent information security solutions in the Federal, military and/or commercial enterprise environment. · Familiarity with the architecture and technology of cross-domain solutions. · Familiarity with technical frameworks, measures and controls related to NIST 800-53, ITIL, COBIT, NISPOM Chapter 8, JAFAN 6/3, DoD 8500.1/.2, and other appropriate policy and regulatory documents Security Clearance: Applicants selected must be able to qualify for an “Interim” Secret clearance with ability to obtain and maintain full Secret clearance. Required Education: · Bachelor of Science Degree (B.S.) preferably in Engineering, Science, Math, Computer Science, Information Systems or related field Desired Education: · MBA or advanced degree in computer science/related technical discipline 107249
Raytheon is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.