Cybersecurity Policy and Compliance Analyst - Military veterans preferred

2019-04-14
Raytheon (www.raytheon.com)
Other

/yr

  full-time   employee


Merrifield
Virginia
United States

This contingent position is being considered & hired for all non-management levels (G08-G10) based upon selected candidate’s applicable experience

Raytheon Blackbird Technologies is looking to hire Cybersecurity Policy and Compliance Analyst who will join the security team of a major nationwide organization, with thousands of sites, to continually improve its complex multi-protocol nationwide network. An experienced Cybersecurity Policy and Compliance Analyst is needed to support the customer team.

The Cybersecurity Policy and Compliance Analyst will work as part of the Policy and Compliance team within the Corporate Information Security Office (CISO) Program, reporting to the Cybersecurity Policy and Compliance Manager.

This position will assist with the various projects in support of corporate and regulatory compliance. This position will help influence development and execution of policies, directives, standards, and procedures in support of the customer and regulatory compliance. The position will assist with the identification and development of processes to aid in organizational compliance by monitoring changes to standards and regulations as they occur and integrating those changes into the policy lifecycle through the performance of periodic gap assessments.

Job Responsibilities will include:

  • Lead the revision of the Information Security Policy ensuring its coherence with the overall organizational strategic plan
  • Actively receives input and feedback from Sr. Leadership, Stakeholders, and staff to assess and address organizational new policy requirements.
  • Has an understanding of operations throughout the organization to proactively enhance the user experience of the new policies
  • Subject Matter Expert within the Policy and Compliance Team regarding the development of the new security policies and standard operating procedures
  • Knowledge of CIS controls and the ISO 27001/27002 control framework
  • Develop security assessment activities that within the CISO organization on a periodic basis
  • Perform other duties as assigned.

Required Skills:

  • Knowledge of CIS controls and the ISO 27001/27002 control framework
  • 4+ years’ experience in information technology, compliance, legal, data protection/privacy, and/or information security.
  • Knowledge of risk analysis and information security
  • Knowledge of data privacy and security requirements under NIST, ISO 27001/2, PCI, CIS CSC, RMM and other relevant legislation when appropriate for business.
  • BS Degree in Information Security, Cybersecurity, Information Assurance, Risk Management, or equivalent work experience.
  • Ability to develop metrics and provide analysis to measure effectiveness of programs
  • Excellent writing skills, with experience as a writer, technical editor, or communications specialist a plus
  • Strong interpersonal, organizational, and excellent documentation skills are a must
  • Security+, CISSP, CAP desired

Required Education:
Bachelor’s Degree in related field Two years of related work experience may be substituted for each year of degree level education.

Desired Certifications:
DODI 8570.1-M Compliance at IAT Level II; CISSP preferred.

138062

Raytheon is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.