Senior Manager, Digital Supply Chain Risk & Resilience (Remote)

RTX•US-CT-REMOTE, CT

6d•Remote

About The Position

At RTX, the world largest aerospace and defense company, 185,000 great minds are united by purpose and inspired to make a difference solving the world’s most complex problems. With our three market leading businesses, world-class operations and investments in research and development, we offer capabilities and opportunity no one else can. Together, we push the boundaries of known science and find new ways to connect and protect our world. Join us and help shape the future of aerospace and defense. RTX is seeking a highly experienced, strategic and proactive leader to serve as the Senior Manager - Supplier Cyber Risk & Resilience. This role will be responsible for developing, implementing, and managing a comprehensive supplier cyber risk management function in collaboration with RTX's supply chain and product security teams. The ideal candidate will have a strong background in cybersecurity, supply chain risk management, and leadership, with the ability to drive cross-functional initiatives and ensure compliance with regulatory and corporate standards. The Senior Manager – Supplier Cyber Risk & Resilience reports to the Director – Digital Risk and is responsible for managing the supplier cyber risk & resilience program for Enterprise Services, Pratt Whitney, Collins Aerospace and Raytheon. The role will require a deep understanding of supplier cyber risk & resilience management, the ability to lead through transformation, and successfully partner with key Enterprise functions, Internal Audit and RTX business units.

Requirements

A University Degree in and a minimum of 10 years of prior relevant experience, or an Advanced Degree in a related field and a minimum of 7 years of relevant experience.
Prior relevant work experience must include digital risk management, cybersecurity, or a related discipline.
Experience working in a global, heavily regulated industry.
General knowledge of IT, Artificial Intelligence and cybersecurity with experience in the following areas: incident response, business continuity/ disaster recovery, vulnerability management, application security, database security, identity & access management, OT security, cloud security, third-party & supply chain risk management.
Excellent analytical, problem-solving, and decision-making skills.

Nice To Haves

3+ years of experience in a risk advisory or consulting firm.
Strong understanding of digital risk management frameworks, standards, and best practices (e.g., NIST 800-53, NIST 800-171, ISO 27001, CMMC).
Proven track record of successfully building or transforming supplier cyber risk management programs in large, complex organizations, preferably within the Aerospace and Defense or Financial Services industries.
Proven ability to lead cross-functional teams and manage complex projects in a matrixed organization.
Familiarity with supply chain processes and product security requirements.
Ability to communicate with all levels of management verbally and written, facilitate effective meetings, build effective working relationships and partnerships, and strong interpersonal skills
Relevant certifications such as CISSP, CISM, CRISC, or similar are desirable.
Highly proficient in Microsoft Office products with experience in preparing presentations and presenting to executive leadership.

Responsibilities

Establish and operationalize a robust supplier cyber risk & resilience management program to identify, assess, and support resolution of cyber and resilience risks across RTX’s supply chain.
Identify, implement and maintain processes, methodology, tools and technologies to support supplier cyber risk and resilience management.
Plan and conduct supplier cyber & resilience assessments, identify risks, document risk assessments in standard report deliverable, and support implementation of risk mitigation strategies.
Document and manage findings and remediation plans in RTX’s authoritative source of record throughout the entire finding lifecycle.
Support evaluation of supplier compliance with RTX cybersecurity policies, industry standards, and government regulations (e.g., NIST, CMMC, DFARS).
Build strong relationships with suppliers to promote cybersecurity best practices and drive continuous improvement in supplier cyber risk management.
Lead efforts to address supplier-related cybersecurity incidents, including root cause analysis and corrective actions.
Develop and maintain key performance indicators (KPIs) and dashboards to measure the effectiveness of the supplier cyber risk management program.
Provide regular status update on program health to Director - Digital Risk.
Drive supplier and internal awareness programs to enhance understanding of cybersecurity risks and requirements.
Partner with RTX supply chain, product security, and other relevant teams to align supplier cyber risk management strategies with corporate objectives.
Partner with cross-functional teams, including IT, Cyber Defense, Internal Audit, Legal, and Compliance, to ensure a cohesive and integrated approach to digital risk management.
Partner with other GRC functions to drive the development and implementation of risk-based policies and controls to safeguard digital assets and ensure compliance with industry standards and regulations.
Stay updated on industry trends, regulatory changes, and best practices related to digital risk.
Must be willing occasionally travel onsite in Dallas, TX or Farmington, CT.