Cybersecurity and Risk Management Lead

RTX•Andover, MA

2d•Onsite

About The Position

The Systems Engineering and Test Capabilities (SE&TC) Discipline organization is the central focus for Mission Systems Integration activities within Raytheon, responsible for defining customer needs, functional and product architecture, requirements definition and decomposition, Model Based Systems Engineering (MBSE), system performance, System Security Engineering (SSE), integration and system level testing, identifying and resolving hardware, software, and networking issues, and developing automated or operator-driven tests in support of system-level integration, verification and validation. Within SE&TC, Life Cycle Engineering (LCE) is responsible for ensuring our products are Safe, Reliable, Maintainable and delivered on time. Life Cycle Engineering consists of multiple disciplines that support engineering, our program offices and our customers. Our Life Cycle Engineering disciplines participate in the total life cycle of our products from conception to deactivation. Our focus area is product support, including the following disciplines: Logistics, Technical Manuals, Training, Reliability, and Supportability. The Technical Services Group (TSG) provides total life cycle management for information systems and business applications supporting RTX programs and products all around the world. We specialize in the development, security, and operation (DevSecOps) of advanced, global mission support systems that provide operational and logistics support to internal RTX programs and product teams as well as to our domestic and international business partners. We are a team of highly-skilled, multi-discipline IT professionals that manage the entire lifecycle of the IT products and services we develop, deploy, and maintain. This role can be based out of Andover, MA As a Cybersecurity & Risk Management Lead, you will be joining a highly collaborative team of multi-discipline IT professionals responsible for the development, security, and operation (DevSecOps) of advanced IT products and services supporting RTX programs and products. In this role you will be responsible for the governance, risk and compliance (GRC) of the IT products and services we deliver to our internal and external customers.

Requirements

Typically requires a degree in Science, Technology, Engineering, or Mathematics (STEM) and a minimum of 10 years of prior relevant experience
Experience across multiple cybersecurity domains (e.g., architecture, compliance, cyber defense, incident response, application security)
Active and transferable U.S. government issued security clearance is required prior to start date.
U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance

Nice To Haves

Strong understanding of business objectives and the ability to integrate cybersecurity into business planning and operations.
Industry knowledge in cybersecurity, information technology, or aerospace and defense.
Ability to navigate complex and evolving organizational environments.
Familiarity with IT governance (CSF, ISO/IEC27001) and control frameworks. (NIST sp800-53, -171)
Experience with the internal RTX Information Risk Assessment & Management Process (IRAMP).
An advanced cybersecurity certification such as CISSP, CASP, CISM, or similar.
Demonstrable work history showing steady increase in the breadth and depth of systems administration knowledge and experience.
Willingness and ability to travel domestically and internationally as needed.

Responsibilities

Serve as the primary point of accountability for cybersecurity governance, risk, and compliance for TSG-supported programs, product teams, and organizations.
Provide an integrated view of risk across functional disciplines within TSG-supported programs and product teams to guide informed decision-making.
Partner with program leadership to embed cybersecurity into long-term strategic planning, major initiatives, and align security requirements with business objectives.
Oversee cybersecurity compliance management and monitoring activities for TSG-managed information systems in accordance with appropriate compliance requirements.
Lead governance activities including risk reviews, compliance readiness discussions, and program touchpoints; ensuring follow-through on mitigation actions and risk decisions.
Support audit and regulatory readiness by identifying control gaps, coordinating remediation, and ensuring required documentation is complete and accurate.
Guide the development and sustainment of TSG security tooling to detect, prevent, and remediate security issues in TSG-managed IT products & services.
Champion the adoption and implementation of proactive, automated security testing of TSG-managed code, applications, and systems for DevSecOps style operations.
Develop and present presentations on cybersecurity and IT operations-related topics to program leadership and external business partners in customer meetings.
Communicate risks, policies, and changes in clear, business-friendly terms to build strong cross-functional relationships to influence outcomes.
Define and track key performance indicators, identify trends, and drive continuous improvement in cybersecurity posture in programs, products, and technical teams.
Promote a culture of security, accountability, and operational excellence aligned RTX CORE principles and values.