Date Posted: 2024-09-17
Country: United States of America
Location: UTVA5: Corp Arlington, VA 1000 Wilson Boulevard Suite 2300, Arlington, VA, 22209 USA
Position Role Type: Unspecified
RTX Corporation is an Aerospace and Defense company that provides advanced systems and services for commercial, military and government customers worldwide. It comprises three industry-leading businesses - Collins Aerospace Systems, Pratt & Whitney, and Raytheon. Its 185,000 employees enable the company to operate at the edge of known science as they imagine and deliver solutions that push the boundaries in quantum physics, electric propulsion, directed energy, hypersonics, avionics and cybersecurity. The company, formed in 2020 through the combination of Raytheon Company and the United Technologies Corporation aerospace businesses, is headquartered in Arlington, VA.
To realize our full potential, RTX is committed to creating a company where all employees are respected, valued and supported in the pursuit of their goals. We know companies that embrace diversity in all its forms not only deliver stronger business results, but also become a force for good, fueling stronger business performance and greater opportunity for employees, partners, investors and communities to succeed.
The following position is to join our RTX Corporate, Enterprise Services, Research Center or BBN team:
Role Overview
We're looking for a highly motivated individual with a strong work ethic and the ability to work in a collaborative, fast-paced, changing environment. As the Associate Director of the Digital 3rd Party Supply Chain Risk & Resilience Team, you will play a crucial role in managing and mitigating risks associated with 3rd party suppliers while assuring the resilience of the RTX supply chain. This role requires a forward-thinking leader with expertise in digital 3rd party supply chain cyber security risk management.
What You Will Do:
The Associate Director, Digital 3rd Party Supply Chain Risk & Resilience is responsible for establishing and managing the Digital 3rd Party Supply Chain Risk Management and Resilience Program for Enterprise Services, Pratt & Whitney, Collins Aerospace and Raytheon. In this role you will lead a team of talented professionals who will conduct cybersecurity assessments of 3rd party suppliers to determine their ability to protect RTX and Customer data as required by cybersecurity, privacy, financial, federal, state, industry and international laws and regulations. You will design, deploy and operate a robust set of 3rd party risk & resilience services for Enterprise Services and the BUs. In this role you will work closely with service owners, subject matter experts, business unit & functional stakeholders, and key suppliers to test and report on the ability of our suppliers to protect sensitive RTX and customer data. You will also partner with Supply Chain to mitigate risks associated with single source suppliers to assure the resiliency of the supply chain. This role reports into the Director, 3rd Party Digital Risk & Resilience and has responsibilities that include:
- Conduct thorough initial & ongoing risk assessments and due diligence required to evaluate the cybersecurity posture and compliance with DoD and industry regulations of 3rd party suppliers, vendors and cloud service providers
- Develop & promulgate risk mitigation strategy to 1) diversify the supplier base to reduce dependency on any single 3rd party provider or services and 2) develop contingency plans for critical 3rd party services.
- Develop & test incident response plans that include 3rd party suppliers.
- Ensure 3rd party suppliers handling RTX and Customer sensitive data have robust recovery plans and can support continuity of operations.
- Ensure 3rd party suppliers comply with all relevant regulations and industry standards for cybersecurity, ITAR and privacy.
- Conduct periodic reassessments of 3rd party supplier sensitive data handling practices
- Establish regular communication channels with 3rd party suppliers for reporting and managing risk. Implement reporting system for 3rd party supplier performance, risks and incidents
- Establish a communications program to collaborate and share threat intelligence and best practices with 3rd party suppliers
- Effectively manage communications and statuses across relevant stakeholders (from senior leaders to technical SMEs). Build presentations/content adjusted to a given audience on program strategy and status
- Establish and maintain 3rd party risk & resilience metrics and scorecards.
- Manage both direct and matrixed resources to accomplish key deliverables.
Qualifications You Must Have:
- Typically requires a University Degree or equivalent experience and a minimum of 12 years of experience, or an Advanced Degree and a minimum of 10 years of experience.
- 6+ years of significant and demonstrated experience in leading large-scale programs or initiatives in multi-national organizations.
- 3+ years of experience with or within a cybersecurity organization
- Professional certifications such as Certified Compliance & Ethics Professional (CCEP), Certified Information Systems Auditor (CISA) or Certified Information System Security Professional (CISSP) required.
- US Citizen or US Person required
Qualifications We Prefer:
- Familiarity with U.S. DoD and International cybersecurity and privacy Laws (e.g. GDPR) and Regulations
- Familiarity with supply chain management and specific challenges related to 3rd party risk in aerospace & defense sector
- Strong background in cybersecurity principles, including threat detection, incident response and vulnerability management.
- Deep understanding of aerospace & defense industry, including its unique regulatory and compliance requirements (e.g., ITAR, DFARS, NIST)
- Hands-on experience in managing 3rd party supplier relationships from on-boarding to off-boarding.
- Knowledge of best practices in vendor management and performance monitoring
- Current U.S. Security Clearance
What We Offer: Whether you're just starting out on your career journey or are an experienced professional, we offer a robust total rewards package with compensation; healthcare, wellness, retirement and work/life benefits; career development and recognition programs. Some of the benefits we offer include parental (including paternal) leave, flexible work schedules, achievement awards, educational assistance and child/adult backup care.
The salary range for this role is 158,000 USD - 316,000 USD. The salary range provided is a good faith estimate representative of all experience levels. RTX considers several factors when extending an offer, including but not limited to, the role, function and associated responsibilities, a candidate's work experience, location, education/training, and key skills.
Hired applicants may be eligible for benefits, including but not limited to, medical, dental, vision, life insurance, short-term disability, long-term disability, 401(k) match, flexible spending accounts, flexible work schedules, employee assistance program, Employee Scholar Program, parental leave, paid time off, and holidays. Specific benefits are dependent upon the specific business unit as well as whether or not the position is covered by a collective-bargaining agreement.
Hired applicants may be eligible for annual short-term and/or long-term incentive compensation programs depending on the level of the position and whether or not it is covered by a collective-bargaining agreement. Payments under these annual programs are not guaranteed and are dependent upon a variety of factors including, but not limited to, individual performance, business unit performance, and/or the company's performance.
This role is a U.S.-based role. If the successful candidate resides in a U.S. territory, the appropriate pay structure and benefits will apply.
RTX anticipates the application window closing approximately 40 days from the date the notice was posted. However, factors such as candidate flow and business necessity may require RTX to shorten or extend the application window.
RTX is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.