Raytheon Technologies ISSM - MD in Annapolis, Maryland
Raytheon CODEX boasts nearly 50 talented engineers and support staff in Annapolis Junction, Maryland. Our office offers a casual work environment with fully stocked cafeterias, game rooms, and dynamic research labs. Free-lunch Thursdays allow employees to mingle with co-workers and a flexible schedule provides the freedom to balance work, play, and family time. Additional activities include many historic attractions in downtown Washington D.C., sports venues, nightlife, and multiple performing-arts centers that add to the vibrant and exciting culture of our nation’s capital.
Raytheon CODEX is a technology-focused company with incredible growth and career opportunities. We are passionate about meaningful work that challenges the mind and encourages collaboration as we work to solve the nation’s toughest challenges. Raytheon CODEX emphasizes career development, technical excellence, and passion for the mission. We are a fast-paced, dynamic organization that puts our customers first while remaining casual, fun, and family-oriented.
This job opportunity is for a Principal Cyber Technologist that will serve as an Information System Security Manager (ISSM) at the Raytheon CODEX facility in Annapolis Junction, MD.
The ISSM will apply current technologies to the design, development, evaluation, and integration of computer information systems and networks to maintain system security.
They will work with internal customers and commercial computer product vendors to evaluate state-of-the-art secure COTS applications, operating systems, networks, and database products and technologies.
They will provide security and integration services to internal customers, including IT, Program Managers, System Administrators, Engineers, ISSMs, and ISSOs.
They will be involved in a wide range of secure architectures, secure electronic data traffic, network security, information security, and compliance with government regulations.
The ISSM will develop RMF BOE documentation for accredited systems.
They will ensure the protection of company and customer data against unauthorized disclosure, accidental or intentional loss of data, or unauthorized modification.
The ISSM is responsible for executing the Cybersecurity program as stipulated by various USG requirements documents, including (but not limited to) DAAPM, ICD 503, and associated NIST documentation.
The selected candidate will be responsible for effective day-to-day execution of the Cybersecurity program to include (but not limited to):
Maintaining the operational security posture of assigned systems, ensuring information systems security policies, standards, and procedures are established and followed.
Developing and maintaining various portions of RMF BOEs of assigned systems, including (but not limited to) SSPs, RARs, POAMs, SCTMs, SOPs, test plans, and other associated documentation.
Working with IT personnel to help design, test, configure and manage an official security baseline that meets NIST requirements for servers, workstations, routers, switches, firewalls, etc.
Overseeing rework related to resolving configuration issues for those items that fail to meet established baseline requirements.
Monitoring performance of technical security controls assessments and baseline validations to identify vulnerabilities and remediate deficiencies as part of a CONMON program.
Providing oversight to Cybersecurity sustainment activities, including hardware/software change management, account management, auditing, media protection, training, file transfers, etc.).
Performing self-inspections, audits, baseline validations, and other CONMON activities.
Performing initial and annual general/privileged user training and associated functions.
Supporting various actions related to cyber incident response, investigation, and resolution.
Managing changes to systems and accessing the security impact of those changes.
The ideal candidate will possess strong written and oral communications skills, in-depth technical aptitude, exemplary customer service skills, strong time management skills, the ability to find solutions to complex challenges creatively, multi-task, and thrive in a fast-paced environment.
This position will report directly to the Raytheon CODEX IA Cyber Manager.
This position will require an active TS/SCI with polygraph Security Clearance.
This position will require the candidate to obtain and maintain a Cybersecurity Professional certification commensurate with their role (e.g., IAM Level 1, Level 2, etc.)
4+ years of experience in Cybersecurity, information systems security, or security engineering.
Experience and familiarity with Secure Technical Implementation Guides (STIGs), Information Assurance Vulnerability Alerts (IAVAs), and other tools using industry best practices.
Experience developing System Security Plans (SSPs) and supporting RMF Bodies of Evidence.
Experience supporting various computer hardware platforms and multiple operating systems in both stand-alone and LAN/WAN configurations.
Working knowledge of operating systems security features and settings (e.g. Windows, UNIX, and Linux).
Proven ability to make sound decisions and implement all aspects of information systems security applied within DAAPM, ICD 503, NIST SPs, and other government doctrines.
Professional demeanor, good interpersonal skills, and ability to excel in a high-paced, multi-tasked environment.
Demonstrated ability to act independently, prioritize tasks, and manage to schedule.
Willingness to perform security tasks outside specialty (e.g., program security) and be proficient in Microsoft Applications (Word, Excel, PowerPoint, Access, Visio, etc.).
Strong communication skills with the ability to communicate effectively in both oral and written modes and author and present subject specific presentations.
Must be willing and able to travel as required up to 10% of the work schedule.
Experience with computer forensic tools and investigation methodologies.
Experience with various information system security assessment/hardening tools - SCAP Compliance Checker, STIG Viewer, ACAS, Nessus, SECSCN, DISA SRR, Retina, etc.
Working knowledge of Wide-Area and Local Area Networks to include Cisco-based routers, switches, and firewalls.
DoDD 8570.1M/8140 compliant Professional Certification (e.g. Security +, CISSP, etc.).
Current Top Secret clearance with SCI access and polygraph.
Prior ISSO/ISSM or alternate ISSO/ISSM experience.
Self-starter with ability to work independently, customer service orientated.
In-depth knowledge of NIST special publications, CNSS policies, and instructions.
Required Education (including Major):
Bachelor’s Degree in Computer Science, Information Systems, Cybersecurity, or related field of study; or six years of experience in place of education.
Raytheon is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, age, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.