Senior Principal Cyber Engineer

Job Description

Date Posted:

2024-06-10

Country:

United States of America

Location:

CO106: 16470 East Hughes Drive,Aurora 16470 East Hughes Drive Building S77, Aurora, CO, 80011 USA

Position Role Type:

Onsite

At Raytheon, the foundation of everything we do is rooted in our values and a higher calling – to help our nation and allies defend freedoms and deter aggression. We bring the strength of more than 100 years of experience and renowned engineering expertise to meet the needs of today’s mission and stay ahead of tomorrow’s threat. Our team solves tough, meaningful problems that create a safer, more secure world. 

Raytheon is seeking a well-qualified Deputy IPT Lead-P5 to join the Cyber Security Engineering team for a dynamic, high-profile program located onsite in Aurora, CO. This individual will be responsible for assisting the development and management of the cyber group and may be required to provide guidance to program-level software/hardware architects. This person will also serve as the alternate direct interface during important reviews, briefings, and technical exchange/demos. Communication and collaboration with the customer as well as with other engineering disciplines is required to ensure the program-level chief engineers and architectures support the program's needs.  The person in this role will co-lead the analysis of issues that directly affect the system. The successful candidate will have a security conscious approach to take into consideration the systems level effect to resolving complex programs and the ability to convince leadership that the proposed solution is best for the mission (including program cost and schedule as well as the technical solution).  The individual will work with the program and customer in the development of the system, providing strategic input and planning for the system, applications, architecture and design in a dynamic, agile development environment. They will assist in the tracking of key roadmaps and deliverables.

The position requires secure software cybersecurity expertise, with containerization experience preferred, as well as guiding the secure implementation of databases. This position requires work on-site at Aurora campus and some work will be performed at the customer location in Boulder. The successful candidate is expected to have proven experience implementing secure coding standards, the Defense Information Systems Agency (DISA) Application Security and Development Security Technical Implementation Guide (ASD STIG), database security, and experience with the Risk Management Framework (RMF) process and artifact development leading to a successful Authorization to Operate (ATO).  Continuous Integration / Continuous Deployment (CI/CD) pipeline and DevSecOps experience is highly desired; as is the ability to effectively perform multi-level analysis on disparate data sets, highlighting trends and developing action plans to remediate findings or program objectives, ensuring cyber is at the forefront in development.

What You Will Do

• Assessing systems vulnerabilities and verifying system hardening and patching activities to ensure compliance with the most current applicable Security Technical Implementation Guides (STIGs)/Security Requirements Guides (SRGs) and related checklists

• Preparing documentation (artifacts and bodies of evidence) to support assessment and authorization (A&A) activities necessary to ensure system sustained Approval to Operate (ATO)

• Assisting in defining of cyber requirements and design solutions, providing guidance and direction related to security technologies, performing analysis on cybersecurity collected data and test results, identifying, and implementing cybersecurity design, and preparing and maintaining engineering and security related documentation

• Performing and providing vulnerability assessment results and recommendations to the leadership

• Collaborate w/ teams for security functionality to meet cyber requirements

• Leading and managing Cyber team and taskings to include delivering multiple Accreditation packages, including updating eMASS with assistance of USG

Qualifications You Must Have

• Typically requires a Bachelor's degree in Science, Technology, Engineering or Mathematics (STEM) and 10+ years of hands relevant engineering experience

• Active and transferable U.S. government issued Secret security clearance is required prior to start date. U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance

• Experience in Linux system administration, Linux security integration & configuration, &/or COTS/FOSS patch management/deployment experience, vulnerability assessment and analysis experience utilizing ACAS and DISA STIGs with experience performing vulnerability assessment/remediation

• Experience with cyber security engineering projects and programs for U.S. Government clients to include experience with RMF, NIST 800-37, Continuous Monitoring IAW NIST 800-137, Patching IAW NIST 800-40, NIST 800-53 and CNSSI 1253 and experience in security design concepts to develop solutions to complex IS compliance and security problems

• Experience with performing assessments of various operating systems with DISA STIGs and SRGs, such as network and system security administration, including operating system security configuration and account management best practices for LINUX, Microsoft, and CISCO Systems and experience with manual hardening and system compliance

• Experience with DoD RMF Certification and Accreditation Processes, assessing and validating compliance with IA controls and developing and maintaining associated certification and accreditation documentation

• Security Certification in accordance with DoD 8570.01 IAT-II for a Linux environment (e.g., Security+ CE and Linux OS Certification). NOTE:  Obtaining Security+ certification is required within 6 months of start

Qualifications We Prefer

• An advanced degree in STEM with 10+ years of engineering experience

• Experience working in an Agile development environment, utilizing IaC, Secure Coding practices

• Knowledge of secure coding practices and enforcement through DevSecOps pipelines.

• Familiar with NIST Risk Management Framework as described in NIST Special Publication 800-37

• Experience with information security toolsets such as Nessus, Elastic stack (ELK), and/or SPLUNK or other related Intrusion Detection Tools

• Self-Starter capable of multitasking and efficiently managing your time, requiring limited direction and supervision with the ability to work in a team environment and work collaboratively across traditional engineering disciplines having strong communications skill with program leadership organizations

What We Offer

• Our values drive our actions, behaviors, and performance with a vision for a safer, more connected world. At RTX we value: Trust, Respect, Accountability, Collaboration, and Innovation

• Relocation Eligible – Relocation assistance is available

Learn More & Apply Now

RTX solves some of the toughest challenges in aerospace and defense. That requires expansive thinking and bold innovation – and that, in turn, requires a culture that is diverse, equitable and inclusive.

We embrace individuality and diversity of thought to fuel opportunity for our employees, our customers, and our communities. We work toward progress, knowing that a more inclusive world is critical to our mission. Not just in this moment, but always.

The salary range for this role is 118,000 USD - 246,000 USD. The salary range provided is a good faith estimate representative of all experience levels. RTX considers several factors when extending an offer, including but not limited to, the role, function and associated responsibilities, a candidate’s work experience, location, education/training, and key skills.

Hired applicants may be eligible for benefits, including but not limited to, medical, dental, vision, life insurance, short-term disability, long-term disability, 401(k) match, flexible spending accounts, flexible work schedules, employee assistance program, Employee Scholar Program, parental leave, paid time off, and holidays. Specific benefits are dependent upon the specific business unit as well as whether or not the position is covered by a collective-bargaining agreement.

Hired applicants may be eligible for annual short-term and/or long-term incentive compensation programs depending on the level of the position and whether or not it is covered by a collective-bargaining agreement. Payments under these annual programs are not guaranteed and are dependent upon a variety of factors including, but not limited to, individual performance, business unit performance, and/or the company’s performance.

This role is a U.S.-based role. If the successful candidate resides in a U.S. territory, the appropriate pay structure and benefits will apply.

RTX anticipates the application window closing approximately 40 days from the date the notice was posted. However, factors such as candidate flow and business necessity may require RTX to shorten or extend the application window.

RTX is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.

Privacy Policy and Terms:

Click on this link to read the Policy and Terms

---