Assoc Dir, Digital Supply Chain Risk & Resilience (Hybrid)

RTX

4

(263)

Multiple Locations

Why you should apply for a job to RTX:

  • Ranked as one of the Best Companies for Women in 2019
  • 4/5 in overall job satisfaction
  • 69% say women are treated fairly and equally to men
  • 78% would recommend this company to other women
  • 79% say the CEO supports gender diversity
  • Ratings are based on anonymous reviews by Fairygodboss members.
  • Programs are also available for dependent and adult care, family leave, college planning, counseling and personal convenience services.
  • We provide programs that offer solutions to life’s challenges, including a variety of flexible work arrangements and paid time off.
  • Employees may participate in tax-advantaged accounts to pay for eligible health and dependent care expenses with pretax dollars.
  • #RAYTGLOBAL01728657EXTERNALENGLOBAL

    Position summary

    To realize our full potential, RTX is committed to creating a company where all employees are respected, valued and supported in the pursuit of their goals. We know companies that embrace diversity in all its forms not only deliver stronger business results, but also become a force for good, fueling stronger business performance and greater opportunity for employees, partners, investors and communities to succeed.

    The following position is to join our RTX Corporate, Enterprise Services, Research Center or BBN team:

    Role Overview

    We're looking for a highly motivated individual with a strong work ethic and the ability to work in a collaborative, fast-paced, changing environment. As the Associate Director of the Digital 3rd Party Supply Chain Risk & Resilience Team, you will play a crucial role in managing and mitigating risks associated with 3rd party suppliers while assuring the resilience of the RTX supply chain. This role requires a forward-thinking leader with expertise in digital 3rd party supply chain cyber security risk management.

    What You Will Do:

    The Associate Director, Digital 3rd Party Supply chain Risk & Resilience is responsible for establishing and managing the Digital 3rd Party Supply Chain Risk Management and Resilience Program for Enterprise Services, Pratt Whitney, Collins Aerospace and Raytheon. In this role you will lead a team of talented professionals who will conduct cybersecurity assessments of 3rd party suppliers to determine their ability to protect RTX and Customer data as required by cybersecurity, privacy, financial, federal, state, industry and international laws and regulations. You will design, deploy and operate a robust set of 3rd party risk & resilience services for Enterprise Services and the BU's. In this role you will work closely with service owners, subject matter experts, business unit & functional stakeholders, and key suppliers to test and report on the ability of our suppliers to protect sensitive RTX and customer data. You will also partner with Supply Chain to mitigate risks associated with single source suppliers to assure the resiliency of the supply chain. This role reports into the Director, 3rd Party Digital Risk & Resilience and has responsibilities that include:

    • Conduct thorough initial & ongoing risk assessments and due diligence required to evaluate the cybersecurity posture and compliance with DoD and industry regulations of 3rd party suppliers, vendors and cloud service providers

    • Develop & promulgate risk mitigation strategy to 1) diversify the supplier base to reduce dependency on any single 3rd party provider or services and 2) develop contingency plans for critical 3rd party services.

    • Develop & test incident response plans that includes 3rd party suppliers.

    • Ensure 3rd party suppliers handling RTX and Customer sensitive data have robust recovery plans and can support continuity of operations.

    • Ensure 3rd party suppliers comply with all relevant regulations and industry standards for cybersecurity, ITAR and privacy.

    • Conduct periodic reassessments of 3rd party supplier sensitive data handling practices

    • Establish regular communication channels with 3rd party suppliers for reporting and managing risk. Implement reporting system for 3rd party supplier performance, risks and incidents

    • Establish a communications program to collaborate and share threat intelligence and best practices with 3rd party suppliers

    • Effectively manage communications and statuses across relevant stakeholders (from senior leaders to technical SMEs). Build presentations/content adjusted to a given audience on program strategy and status

    • Establish and maintain 3rd party risk & resilience metrics and scorecards.

    • Manage both direct and matrixed resources to accomplish key deliverables.

    Qualifications You Must Have:

    • Typically requires a University Degree or equivalent experience and a minimum 12 years of experience, or an Advanced Degree and a minimum 10 years experience.

    • 6+ years of significant and demonstrated experience in leading large-scale programs or initiatives in multi-national organizations.

    • 3+ years of experience with or within a cybersecurity organization

    • Professional certifications such as Certified Compliance & Ethics Professional (CCEP), Certified Information Systems Auditor (CISA) or Certified Information System Security Professional (CISSP) required.

    • US Citizen or US Person required

    Qualifications We Prefer:

    • Familiarity with U.S. DoD and International cybersecurity and privacy Laws (e.g. GDPR) and Regulations

    • Familiarity with supply chain management and specific challenges related to 3rd party risk in aerospace & defense sector

    • Strong background in cybersecurity principles, including threat detection, incident response and vulnerability management.

    • Deep understanding of aerospace & defense industry, including its unique regulatory and compliance requirements (e.g ITAR, DFARS, NIST)

    • Hands on experience in managing 3rd party supplier relationships from on-boarding to off-boarding.

    • Knowledge of best practices in vendor management and performance monitoring

    • Current U.S. Security Clearance

    What We Offer: Whether you're just starting out on your career journey or are an experienced professional, we offer a robust total rewards package with compensation; healthcare, wellness, retirement and work/life benefits; career development and recognition programs. Some of the benefits we offer include parental (including paternal) leave, flexible work schedules, achievement awards, educational assistance and child/adult backup care.

    The salary range for this role is 158,000 USD - 316,000 USD. The salary range provided is a good faith estimate representative of all experience levels. RTX considers several factors when extending an offer, including but not limited to, the role, function and associated responsibilities, a candidate's work experience, location, education/training, and key skills.

    Hired applicants may be eligible for benefits, including but not limited to, medical, dental, vision, life insurance, short-term disability, long-term disability, 401(k) match, flexible spending accounts, flexible work schedules, employee assistance program, Employee Scholar Program, parental leave, paid time off, and holidays. Specific benefits are dependent upon the specific business unit as well as whether or not the position is covered by a collective-bargaining agreement.

    Hired applicants may be eligible for annual short-term and/or long-term incentive compensation programs depending on the level of the position and whether or not it is covered by a collective-bargaining agreement. Payments under these annual programs are not guaranteed and are dependent upon a variety of factors including, but not limited to, individual performance, business unit performance, and/or the company's performance.

    This role is a U.S.-based role. If the successful candidate resides in a U.S. territory, the appropriate pay structure and benefits will apply.

    RTX anticipates the application window closing approximately 40 days from the date the notice was posted. However, factors such as candidate flow and business necessity may require RTX to shorten or extend the application window.

    RTX is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.

    Privacy Policy and Terms:

    Click on this link to read the Policy and Terms

    Why you should apply for a job to RTX:

  • Ranked as one of the Best Companies for Women in 2019
  • 4/5 in overall job satisfaction
  • 69% say women are treated fairly and equally to men
  • 78% would recommend this company to other women
  • 79% say the CEO supports gender diversity
  • Ratings are based on anonymous reviews by Fairygodboss members.
  • Programs are also available for dependent and adult care, family leave, college planning, counseling and personal convenience services.
  • We provide programs that offer solutions to life’s challenges, including a variety of flexible work arrangements and paid time off.
  • Employees may participate in tax-advantaged accounts to pay for eligible health and dependent care expenses with pretax dollars.