Raytheon Global Business Services (GBS) IT Security group is seeking an experienced Senior Cyber Threat Analyst to conduct all aspects of supplier cybersecurity assessments. Recent changes in security practices and US Government mandates require a collaborative relationship with business partners for the purpose of protecting technical information. In these relationships, it is mutually beneficial to work with partners on enhancing their strategy to improve their overall cybersecurity posture.
The Senior Analyst will be responsible for assessing the network security controls of small to medium size businesses. This includes reviewing processes that support risk management, operational controls, as well as policy and governance. These engagements will ascertain whether the corresponding controls, as designed and represented, are adequate and functioning in a manner consistent with industry best practices and Raytheon objectives, and risk threshold. This includes the development of new practices and cybersecurity reviews to ensure the confidentiality, integrity and availability of company and other sensitive data on supplier information systems.
The ideal candidate will have practical experience in performing cybersecurity risk assessments, technical understanding of cybersecurity controls, and developing plans of action and milestones at an organizational level.
- Conduct cybersecurity risk assessment to gain insight into the maturity of their cybersecurity technologies, processes, and controls
- Build awareness of effective cyber security practices to address current and emerging cybersecurity risk to sensitive information
- Provide suppliers with tailored mitigation plans to prioritize investments and use of mitigation controls in their cybersecurity infrastructure and internal governance
- Coordinate supplier survey management and operations aligned to an aggressive schedule to manage cybersecurity risk in small to medium business environments
- Stay abreast with current & emerging industry related IT security regulations, and compliance standards
- Support Raytheon participation in security forums and industry standards working groups
- Minimum 6+ years of progressive IT security or compliance experience and a bachelor’s degree.
- Operational knowledge of IT security control frameworks including Center for Internet Security Critical Security Controls (formerly SANS Top 20), NIST SP 800-53, and/or NIST SP 800-171
- Detailed comprehension of information security concepts and practices including vulnerability and compliance tools and processes, awareness of vulnerabilities, emerging threats, and the ability to map adversarial tactics to effective controls
- Knowledge of network technologies/protocols and computer security concepts in large scale Enterprise technology environment
- Experience in documentation of processes and internal IT security controls
- Effectively present analytical data to a variety of technical and non-technical audiences
- Certified security expert – CISSP, CGEIT, CRISC, or other IT Security related certifications
- Willing to travel based on operational requirements
- This position requires the eligibility to obtain a security clearance. Except in rare circumstances, only U.S. citizens are eligible for a security clearance
- This position requires either a U.S. Person or a Non-U.S. Person who is eligible to obtain any required Export Authorization
- Consulting experience such that the individual rapidly assesses the information security posture
- Exposure to IT policy and procedure development
- Knowledge of and experience with assessing non-US cybersecurity control frameworks, e.g. ISO 27001, UK Cyber Essentials, etc.
- Project Management experience
- Master’s degree
Bachelor’s degree in Computer Science, Information Technology or related discipline
Raytheon is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.