Manager, Cyber Security & Risk Management - Andover, MA

Arinc International Of Canada Ulc - Andover, MA

posted 5 months ago

Full-time - Mid Level
Andover, MA
10,001+ employees

About the position

At Raytheon, the foundation of everything we do is rooted in our values and a higher calling - to help our nation and allies defend freedoms and deter aggression. We bring the strength of more than 100 years of experience and renowned engineering expertise to meet the needs of today's mission and stay ahead of tomorrow's threat. Our Cybersecurity team is presently seeking a Manager, Cyber Security & Risk Management to maintain the Information Systems in Andover, MA. The Cybersecurity Manager, Cyber Security & Risk Management is responsible for compliance oversight, assessment, and operations of systems under their purview. They may be assigned to a single large-scale program or oversee multiple programs. The Manager also has cognizance of all collateral Classified Information System (CIS) in the Andover, MA Site per Commercial and Government Entity (CAGE) code as stipulated by various US Government requirements including (but not limited to): National Industrial Security Operating Manual (NISPOM) and related documentation such as: Risk Management Framework (RMF), Baseline Technical Security Configuration Standards, Defense Counter-Intelligence Security Agency (DCSA) Assessment and Authorization Process Manual (DAAPM) Customer/contract specific Cybersecurity regulations. Components of the cybersecurity (CS) program include Assessment and Authorization (A&A) activities (documentation preparation, system configuration/validation, certification testing, etc.), security sustainment activities (hardware change management, software change management, account management, media protection, user interface, file transfers, etc.), conducting self-inspections, and delivering information systems security education and awareness. You will conduct recurring Cybersecurity reviews on information systems in accordance with DoD Manuals, NIST Special Publications, customer directives, and company policies as applicable. You are responsible for the execution of the Raytheon Continuous Monitoring Plan as required by CA-2 Security Assessments. You'll serve as subject matter experts (SME) on a broad range of Cybersecurity topics. You may represent the Cybersecurity organization and business unit to external Cybersecurity counterparts. Important note(s): Within six months of hire date, you must obtain and maintain a Security professional certification commensurate with IAM Level III certification commensurate with your role as a Site ISSM as required by DoDD 8140 (8570) if you do not already have this certification. Cybersecurity Manager, Cyber Security & Risk Management are required to maintain IAM Level III certification commensurate with their role as required by DoDD 8140 (8570).

Responsibilities

  • Complete all DCSA and Raytheon GSS required training within 6 months of appointment (annual requirements thereafter).
  • Accountability for all systems under site CAGE: metrics, eMASS, Raytheon business process (RCAST), Continuous Monitoring (ConMon) as described by Sr. ISSM.
  • Maintain a working knowledge of all CIS functions, security policies, technical security safeguards, and operational security measures.
  • Interact with DCSA SCA/ISSP to track items including, but not limited to, upcoming authorizations (ATO), new technologies solutions (i.e., new SIEM, OS, etc.), policy interpretations (in conjunction with Sr. ISSM), and onsite A&A.
  • Develop, maintain, and update, in coordination with all system stakeholders (CS Manager, ISO, DT, etc.), applicable site POAM(s) to identify system weaknesses, mitigating actions, resources, and timelines for corrective actions.
  • Coordinate DCSA SVA preparation activities for assigned CAGE in conjunction with site FSO/CS Manager.

Requirements

  • Typically require a Bachelor's degree with eight (8) years of relevant cybersecurity, network security, and/or information technology experience or an advanced degree with five (5) years of relevant experience.
  • Experience supporting cybersecurity compliance as stipulated by DCSA Assessment and Authorization Process Manual (DAAPM), Joint SAP Implementation Guide (JSIG), and/or National Industrial Security Program Operating Manual (NISPOM) regulations.
  • IAM Level I certification (Security+ or other).
  • Relevant experience in Cybersecurity, systems security or hardening, Information Technology Compliance-based auditing using the Risk Management Framework (RMF) and/or non-defense regulations such as FAA, Payment Card Industry (PCI), ISO 9001 Quality Management standards, or HIPAA.
  • Experience working with and/or supporting computer technologies (such as: databases, operating systems, computer network hardware, software programs, hardware troubleshooting or electronics).
  • Active and transferable U.S. Secret government issued security clearance is required prior to start date.

Nice-to-haves

  • Master's Degree in Computer Science, Information Systems, Information Technology, Cyber Security, Criminal Justice, Business or other relevant degree.
  • Experience with various information system security tools that address vulnerability analysis and mitigation, including Splunk, Forcepoint, Ivanti, Tenable, ACAS, HBSS, etc.
  • Experience in the oversight and execution of the Assessment & Authorization processes (Certification & Accreditation), as defined in JSIG/RMF.
  • Experience in the execution and management of Information System's (IS) incident response and administrative inquiries/investigations in collaboration with the Investigations department.
  • Experience in and execution of a continuous monitoring/improvement program (to include but not limited to self-inspections, security control assessments, training, log management systems, automated inventory utilities, etc.).
  • Experience providing technical security expertise and oversight for complex, cross-domain, heterogeneous classified networked environments in collaboration with internal/external Customers, Information Technology (IT) and other Raytheon Business Units.

Benefits

  • Medical insurance
  • Dental insurance
  • Vision insurance
  • Life insurance
  • Short-term disability
  • Long-term disability
  • 401(k) match
  • Flexible spending accounts
  • Flexible work schedules
  • Employee assistance program
  • Employee Scholar Program
  • Parental leave
  • Paid time off
  • Holidays
  • Annual short-term and/or long-term incentive compensation programs depending on the level of the position.

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service