Cybersecurity Risk Analyst (Hybrid)

Date Posted:

2024-09-12

Country:

United States of America

Location:

HMD31: Annapolis, MD 2551 Riva Road , Annapolis, MD, 21401-7435 USA

Position Role Type:

Hybrid

Do you want to be part of a growing team of cybersecurity analysts & experts working to identify real-world threats, analyze risks, and develop novel solutions for complex cyber challenges?

Collins Aerospace, an RTX company, is a leader in advanced technologically and intelligent solutions for the global aerospace and defense industry. Our Connected Aviation Solutions (CAS) Cybersecurity team is searching for a Cybersecurity & Risk Analyst.  As a member of the Governance, Risk and Compliance team, this analyst will lead risk assessments of new and legacy products as well as have meaningful conversations in mitigating risk, providing guidance of RTX Cyber Policies, and knowledge transfer to fellow team members as well as product engineering teams.  As we launch a new Issues Management and Authorization to Operate (ATO) processes for CAS Products, the Cybersecurity Risk Analyst will play an integral role in the success of the program through the implementation of the process and coordination with product teams and their cyber support staff. 

The Cybersecurity Risk Analyst will provide training and guidance to stakeholders across the organization, collaborating with other risk management professionals to share knowledge, best practices, and lessons learned to help Product Team members build a strong risk-aware culture.  This role requires collaboration with RTX Corporate Cyber teams, stakeholders, and leaders across multiple teams to achieve objectives and manage updates on multiple processes.
 

Regardless of role, we expect excellent interpersonal and communication skills across all hires at Collins Aerospace. We look for candidates who will thrive here, meaning they demonstrate clear communication, embrace open feedback, trust their colleagues, and are driven to execute, deliver, and complete projects independently and efficiently.  

This role is Hybrid (3 days/week on site) based in Annapolis, Maryland.

What You Will Do: 

Internal product Risk Assessments:

• Provide consultation and guidance to product teams, facilitate assessment activities, & document findings.

• Conduct probability and impact analyses & prepare and maintain risk assessment reports for the duration of the product lifecycle.

Authorization to Operate (ATO) Processes:

• Provide guidance to internal product teams on conducting control assessments / gap analyses in accordance with NIST 800-171.

• Review evidence for completeness and adequacy & vulnerability, SAST, DAST, etc. scan results.

• Support issues identification and risk register preparation & prepare ATO reports and participate in ATO leadership evaluations.

Issues Management Processes:

• Provide guidance to internal product teams on identifying, assessing, and documenting cybersecurity issues, gaps, vulnerabilities, etc.

• Review submitted issues and risk evaluations, offering feedback and consulting services to product teams.

• Support risk register management activities & aid in the preparation of issue management reports and participate in issue analysis and review.

Cybersecurity Documentation Management:

• Support periodic reviews and updates of existing cybersecurity documentation (e.g., procedures, guidance, forms, etc.).

• Develop new documentation as needed to align with changing industry best practices and corporate requirements.

Consulting:

• Help product teams interpret and align with new cybersecurity policies, laws, and regulations & provide cybersecurity guidance, training, and awareness.

Qualifications You Must Have: 

• U.S. citizenship is required, as only U.S. citizens are authorized to access information under this program/contract 

• Typically requires a University Degree and minimum 5 years prior relevant experience or an Advanced Degree in a related field and minimum 3 years of experience or in absence of a degree, 9 years of relevant experience.

• Cyber security experience developing policies/governance, conducting security control assessments/gap analysis, and risk assessments against corporate policies or cyber industry standards and documenting results of risk assessments or audits.

• Experience with cybersecurity principles, developing policy, frameworks, and regulations (e.g., NIST, ISO, GDPR, and/or CCPA).

• MS Excel experience with formulas, pivot tables, and/or other data manipulation functions.

Qualifications We Prefer: 

• Ability to identify exceptions or non-compliance and determine the action plans required for remediation.

• Excellent written and oral communication skills, including presentation skills and negotiation skills.

• Experience with GRC tools (e.g., Archer, ServiceNow, Drata, etc.)

• Experience working with customers (internal and external) and industry professionals.

• Ability to be adaptive, willing to drive change and innovation.

• Proven ability to manage multiple projects simultaneously and prioritize tasks based on urgency and impact.

• Excellent critical thinking, problem-solving, and decision-making skills.

What We Offer: 

Some of our competitive benefits package includes:  

• Medical, dental, and vision insurance 

• Three weeks of vacation for newly hired employees 

• Generous 401(k) plan that includes employer matching funds and separate employer retirement contribution, including a Lifetime Income Strategy option 

• Tuition reimbursement program 

• Student Loan Repayment Program 

• Life insurance and disability coverage 

• Optional coverages you can buy: pet insurance, home and auto insurance, additional life and accident insurance, critical illness insurance, group legal, ID theft protection 

• Birth, adoption, parental leave benefits 

• Ovia Health, fertility, and family planning 

• Adoption Assistance          

• Autism Benefit 

• Employee Assistance Plan, including up to 10 free counseling sessions 

• Healthy You Incentives, wellness rewards program 

• Doctor on Demand, virtual doctor visits 

• Bright Horizons, child and elder care services 

• Teladoc Medical Experts, second opinion program 

• And more!  

 Learn More & Apply Now! 

Diversity drives innovation; inclusion drives success. We believe a multitude of approaches and ideas enable us to deliver the best results for our workforce, workplace, and customers. We are committed to fostering a culture where all employees can share their passions and ideas so we can tackle the toughest challenges in our industry and pave new paths to limitless possibility. 

#reempowerprogram 

This role is also eligible for the Re-Empower Program. The Re-Empower Program helps support talented and committed professionals as they rebuild their capabilities, enhance leadership skills, and continue their professional journey. Over the course of the 14-week program, experienced professionals will gain paid, on-the-job experience, have an opportunity to participate in sessions with leadership, develop personalized plans for success and receive coaching to guide their return-to-work experience. Upon completion of the program, based on performance and contributions participants will be eligible for a career at RTX. 

Minimum Program Qualifications: 

• Be on a career break of one or more year at time of application 
• Have prior experience in functional area of interest 
• Have interest in returning in either a full-time or part-time position 

Connected Aviation Solutions: 

Our Connected Aviation Solutions team provides advanced information management systems, products and services that enable the connected ecosystem by bringing together Collins’ unique breadth of aviation products with our smart digital solutions to help us enhance every aspect of the end-to-end travel experience. We help airlines, airports and business aircraft turn data into value to streamline operations, increase efficiency and reduce cost, enhance the passenger experience and contribute to sustainable flight. By combining the best networks, connectivity and data/analytics solutions, we’re solving big problems for our customers and the world, while enhancing the security and connectivity of systems both on and off the aircraft, to help operators and passengers stay more connected and informed and create a more sustainable, efficient, reliable and enjoyable travel experience. Aviation connects the world. Our Connected Aviation Solutions team connects aviation. Sustainably. Seamlessly. Securely. 

Diversity drives innovation; inclusion drives success. We believe a multitude of approaches and ideas enable us to deliver the best results for our workforce, workplace, and customers. We are committed to fostering a culture where all employees can share their passions and ideas so we can tackle the toughest challenges in our industry and pave new paths to limitless possibility. 

*Please ensure the role type (defined below) is appropriate for your needs before applying to this role.

• Hybrid: Employees who are working in Hybrid roles will work regularly both onsite and offsite.  Ratio of time working onsite will be determined in partnership with your leader. 

At Collins, the paths we pave together lead to limitless possibility. And the bonds we form – with our customers and with each other -- propel us all higher, again and again. 

Apply now and be part of the team that’s redefining aerospace, every day. 

The salary range for this role is 85,000 USD - 179,000 USD. The salary range provided is a good faith estimate representative of all experience levels. RTX considers several factors when extending an offer, including but not limited to, the role, function and associated responsibilities, a candidate’s work experience, location, education/training, and key skills.

Hired applicants may be eligible for benefits, including but not limited to, medical, dental, vision, life insurance, short-term disability, long-term disability, 401(k) match, flexible spending accounts, flexible work schedules, employee assistance program, Employee Scholar Program, parental leave, paid time off, and holidays. Specific benefits are dependent upon the specific business unit as well as whether or not the position is covered by a collective-bargaining agreement.

Hired applicants may be eligible for annual short-term and/or long-term incentive compensation programs depending on the level of the position and whether or not it is covered by a collective-bargaining agreement. Payments under these annual programs are not guaranteed and are dependent upon a variety of factors including, but not limited to, individual performance, business unit performance, and/or the company’s performance.

This role is a U.S.-based role. If the successful candidate resides in a U.S. territory, the appropriate pay structure and benefits will apply.

RTX anticipates the application window closing approximately 40 days from the date the notice was posted. However, factors such as candidate flow and business necessity may require RTX to shorten or extend the application window.

RTX is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.

Privacy Policy and Terms:

Click on this link to read the Policy and Terms