Senior Cyber Enhanced Assessment (CEA) Assessor II - Tucson, AZ

RTX•Tucson, AZ

20h•Onsite

About The Position

At RTX, the world largest aerospace and defense company, 185,000 great minds are united by purpose and inspired to make a difference solving the world’s most complex problems. With our three market leading businesses, world-class operations and investments in research and development, we offer capabilities and opportunity no one else can. Together, we push the boundaries of known science and find new ways to connect and protect our world. Raytheon brings the strength of more than 100 years of experience and renowned engineering expertise to meet the needs of today’s mission and stay ahead of tomorrow’s threat. We deliver solutions that help our nation and allies defend freedoms and deter aggression, creating a safer, more secure world. Join us and help shape the future of aerospace and defense. Our cybersecurity team is seeking a Senior Cyber Enhanced Assessment (CEA) Assessor II that will support multiple facilities but be primarily located in Tucson, Arizona. The Senior CEA Assessor supports the CEA Lead in executing enhanced assessment activities within their area of responsibility (AOR). This role primarily focuses on CEA responsibilities but also provides support to other assessment services associated with Continuous Monitoring (ConMon) and self-inspection efforts to ensure comprehensive security coverage. The Assessor conducts compliance validation, analyzes assessment results to identify significant findings and trends, and mentors other cybersecurity professionals to strengthen vulnerability management across the AOR. This role includes support of automation workflows and tooling that support assessment activities and reporting—ensuring secure, reliable, and scalable delivery across multiple classified environments.

Requirements

Typically requires a University Degree or equivalent experience and minimum 8 years prior relevant experience, or An Advanced Degree in a related field and minimum 5 years experience.
IAM Level I certification (Security+ or other)
Experience with C# (.NET 8+), PowerShell, BASH, and/or Splunk SPL for developing or sustaining operational tooling in security contexts.
Experience with various information system security tools that address vulnerability analysis and mitigation. These include Splunk, Forcepoint, Ivanti, Tenable, ACAS, HBSS, etc.
Relevant experience in any combination: Cybersecurity, systems security, or system hardening
Security Control Accessor (SCA) with the government or military
Information Technology Experience with network security and/or systems security, which includes any of the following: architecture, topology, protocols, components, and/or principles
Experience with configuring and/or auditing operating systems
Compliance-based auditing using the Risk Management Framework (RMF), Defense Counterintelligence and Security Agency (DCSA) Assessment and Authorization Guide (DAAG), Joint SAP Implementation Guide (JSIG), National Industrial Security Program Operating Manual (NISPOM), and/or non-defense regulations such as FAA, Payment Card Industry (PCI), ISO 9001 Quality Management standards, or HIPPA
Experience working with and/or supporting computer technologies (such as databases, operating systems, computer network hardware, protocols, security methodologies, software programs, troubleshooting hardware or electronics)
U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance
Active and transferable U.S. government issued security clearance is required prior to start date.

Nice To Haves

Experienced in C# development and code review within a professional environment, including familiarity with WPF application development and the MVVM architectural pattern.
Experience with code repository management, including version control concepts, push/pull mechanics, and coordinated team-based development using tools such as Git, Azure DevOps, or GitLab.
Experienced in PowerShell, BASH, and Splunk SPL for developing or sustaining operational tooling.
Familiarity with implementation of Government directives and policies derived from NIST, CNSSI, DoD, or other Government Regulatory compliance standards within a professional industry.
Experience providing technical security consultation for complex, cross-domain, heterogeneous classified networked environments in collaboration with internal/external Customers, Information Technology (IT).
Familiarity with large multi-facility networks including complex components, including Windows and Linux environments.
Experience interpreting, implementing, and assessing DISA STIGs.
Experience with continuous monitoring and Plans of Actions and Milestones (POA&Ms).

Responsibilities

Assists with the development and sustainment of ConMon documentation (e.g., process, instruction, training) and tools.
Identifies challenges and suggests opportunities for the CEA Program.
Conducts enhanced assessments.
Prepares reports to identify trends and significant discoveries and assists with root cause analysis.
Assists in the development of implementation plans to mitigate the risk.
Provides Cybersecurity support for Self-Inspection events, as needed.
Provides training to assessment team members on CEA process, tool usage and best practices.
Support the lifecycle of automated tools and scripts (primarily C#, PowerShell, BASH, and SPL), including requirements, design, development, testing, deployment, documentation, and sustainment.