Full Job Description
Raytheon Technologies - RMD
Security - Information System Security Manager (ISSM) of Record (IOR)
This position is for an Information System Security Manager (ISSM) of Record (IOR) at the Tewksbury, MA Facility. The IOR is the lead ISSM is responsible for the Cybersecurity program as stipulated by various US Government requirements including (but not limited to): National Industrial Security Operating Manual (NISPOM) and related documentation such as the Office of the Designated Approving Authority (ODAA) Process Manuals, Baseline Technical Security Configuration Standards, DSS Authorization and Assessment Process Manual (DAAPM) as well as customer/contract specific Cybersecurity regulations. Components of the IA program include Assessment and Authorization (A&A) activities (documentation preparation, system configuration/validation, certification testing, etc.), security sustainment activities (hardware change management, software change management, account management, media protection, user interface, file transfers, etc.), conducting self-inspections, audit trail review, and delivering information systems security education and awareness. This position manages the IA incident response program as well as interfaces with other IA team members, other security disciplines (industrial security, physical security, special programs security, etc.), program personnel and government security representatives. This position is responsible for and manages security compliance of all DSS authorized systems within the CAGE code, with oversight of the Information Systems Security Officers and Managers.
This position requires a US Secret Security Clearance on day one of employment, with the ability to obtain a US Top Secret Clearance.
This position is ERIP eligible.
Capped relocation support is available to the selected applicant if eligible per Company policy. Amount of budget to be discussed at the appropriate time.
8+ years of experience working with and/or supporting computer technologies (such as: Microsoft Office applications, databases, operating systems or computer network hardware)
Currently holds a US SECRET Clearance with ability to obtain a Top Secret Clearance.
Experience successfully and respectfully interfacing with internal/external customers (i.e. DSS, AO, GCAs, DAO, IT, Program Managers, etc.)
Experience in the oversight and execution of the Assessment & Authorization processes (previous ISSM experience)
Ability to obtain and maintain Information Security professional certification commensurate with DoD 8570.1-M Level 3 requirements (CISSP or other) within six months of hire date.
Existing DoD TOP SECRET/SCI Clearance
Working experience with operating systems; Solaris, HPUX, Linux, or Windows
Ability to develop and defend Basis of Estimates
Ability to handle difficult situations in high pressure environments and make tough decisions
Ability to lead a team
Design and implement a process to identify and mitigate specific risks within the security environment.
Understands and leverages business knowledge to achieve results (financial, manpower, etc).
Experience working with government regulations, such as NISPOM, JAFAN, JSIG, DIACAP and Risk Management Framework. Regulation is based on customer requirements
Experience supporting various system configurations (Stand Alone, Local Area Networks, Wide Area Networks, Government, and Contractor connections)
Experience with Interconnected Security Agreements (ISA), Network Security Plans (NSP), Memorandum of Agreement/Understanding (MOA/U)
Preparation of Assessment and Authorization documents and procedures
Ability to deliver Cybersecurity related briefings and training material
Self-motivated and possess good written, verbal, listening and presentation skills, particularly in documenting evaluation results
Previous experience working in a classified information systems environment
Desire and ability to work as a team member
Knowledge of Six Sigma and statistical techniques
Customer focused, adaptable and willing to work varying assignments
Familiarity with Test Equipment and Sanitization Procedures
Organizational skills to include: attention to detail, time management and ability to multitask
Must be flexible and work with general supervision
Experience with audit reviews such as: physical security, network and application, password administration, file access privileges, etc.
CISSP, CISM, Security+ or similar 8570 certification
Bachelor's Degree in either Computer Science, Information Systems Management, Information Technology, Criminal Justice, Business or other relevant degree OR 8 years related experience in lieu of degree
The following courses can be completed at the DSS Training Website: https://cdse.usalearning.gov/my/
NISPOM Chapter 8 Requirements for Industry (IS201.16)
Introduction to Industrial Security (IS011.16 / .06)
Safeguarding Classified Information (IS109.16 / .06)
Cyber Security Awareness (CI130.16)
Risk Management Framework (RMF) Curricula (CS100.CU)
Continuous Monitoring (CS200.16)
Special Access Program Overview (SA001.16/06)
NISPOM DD254 Security Windows UNIX LINUX Information Systems Security Information Assurance Certification and Accreditation Cyber Software Engineer Computer Science MIS Management Information Systems ISSO CISSP CISM JAFAN JSIG DCID ISSM Information Security Information Technology IT Auditing Cyber DSS C&A IA IAM IAO Information Systems Security Officer Information Systems Security Manager Microsoft Windows Office UNIX Linux HPUX Solaris, Cybersecurity 163669
Raytheon Technologies is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, age, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.