Location: Harlow England
Security Clearance: SC
Senior Vulnerability and Risk Assurance Manager (Information Technology)Harlow or Glenrothes Summary of Role:
- Raytheon UK has an opportunity for an experienced IT professional to fill the role of Senior Vulnerability and Risk Assurance Manager within the Information Assurance, Security and Compliance (IASC) Group, as a key component of RSL’s IT function.
- The IT function is responsible for the delivery of core support services to all UK based divisions to successfully enable operational business and operational delivery.
- This highly influential assurance and compliance role is responsible for providing leadership in coordinating, assessing, developing & communicating activities that minimize the overall Information Technology (IT) security risk to Raytheon UK.
- The post holder will do this by identifying, reporting, and driving the mitigation of security vulnerabilities within the wider network, its computing infrastructure (including endpoints) and in applications, both internal facing and in those delivered to end clients. By minimizing the internal and external IT security risks, threat based Vulnerability Management (VM) helps defend against proprietary and customer data loss, and reduces the ability for threat actors to carry out malicious activities against the Company.
Demonstrable Skills and Levels - SFIA Foundation Definitions
- Develop a strategy to embed outward facing threat intelligence to understand, focus and prioritise remediation activities through liaison with Raytheon’s Cyber and Intelligence business and with colleagues in RMS.
- Execute, coordinate and document network discovery scans and vulnerability scans for operating system and/or database assets.
- Deliver inventory, vulnerability and associated metrics to IT team. Design and deliver vulnerability reporting using appropriate tools to drive remediation activities.
- Engage IT operations and engineering as needed to drive remediation of vulnerabilities.
- Engage project stakeholders as needed to help drive remediation of vulnerabilities on infrastructure before new applications or updates go live
- Collaborate with other IT groups on monthly patching, non-patch vulnerability remediation, vulnerability exception review.
- Perform ad-hoc vulnerability scans and/or reports.
- Interact with all levels of management, external bodies, stakeholders, and policy holders including senior leadership.
- Review IT and programme technical designs as required and make recommendations for compliance with customer, regulatory and legal requirements.
- Build strong working relationships and effective alignment across functions and businesses in Raytheon UK, Raytheon International counterparts, and Partner/Subcontractor community to enable continuously improving and efficient delivery of Services.
- Deliver cross functional improvement projects were applicable utilising the Raytheon 6 Sigma methodology.
- Autonomy - Works under broad direction. Work is often self-initiated. Is fully responsible for meeting allocated technical and/or project/supervisory objectives. Establishes Milestones and has a significant role in the assignment of tasks and/or responsibilities.
- Influence - Influences organisation, customers, suppliers, partners and peers on the contribution of own specialism. Builds appropriate and effective business relationships. Makes decisions which impact the success of assigned work i.e. results, deadlines and budget. Has significant influence over the allocation and management of resources appropriate to given assignments.
- Complexity - Performs and extensive range and variety of complex technical and/or professional work activities. Undertakes work which requires the application of fundamental principles in a wide and often unpredictable range of contexts. Understands the relationship between own specialism and the wider customer/organisational requirements.
- Business Skills - Advises on available standards, methods, tools and applications relevant to own specialism and can make appropriate choices from alternatives. Analyses, designs, plans, executes and evaluates work to time, cost and quality targets. Assesses and evaluates risk. Communicates effectively, both formally and informally. Demonstrates leadership. Facilitates collaboration between stakeholders who have diverse objectives. Takes all requirements into account when making proposals. Takes initiative to keep skills up to date. Mentors colleagues. Maintains an awareness of developments in the industry. Analyses requirements and advises on scope and options for continuous operational improvement. Demonstrates creativity, innovation and ethical thinking in applying solutions for the benefit of the customer/stakeholder.
- Experience transitioning, maintaining, or using Security Technologies such as Security Incident and Event Management (SIEM), Endpoint Protection, Data Loss Prevention, Forensic Tools.
- Demonstrable experience of the following:
- ◦security technology and operational IT industry standards.
- ◦formal architectural methods such as TOGAF and security architectures.
- ◦Network Security and associated design and topology.
- ◦Understanding of one or more scripting and web development programming languages.
- ◦Microsoft Windows, Linux and Active Directory security
- ◦Database Security – SQL, Oracle etc.
- ◦Wireless security.
- Understanding and experience of Security Testing methodologies
- Understanding of security source code assessment methodologies
- Experience contributing to a central technology service organization.
- Experience collaborating with multiple stakeholders across functional and technical skillsets.
- Ability to understand and analyse complex business problems in order to define and develop technology-based solutions.
- Demonstrable evidence of effective problem solving skills in complex support incidents.
- Excellent customer facing skills with UK nationals and international employees and agencies.
- Excellent relationship skills - the ability to build positive relationships with both technical and business personnel.
- Experience of negotiation and conflict management skills in a complex matrix structure.
- Excellent communication skills in written and oral presentation material
- Ability to demonstrate leadership qualities within virtual teams and multi-party environments.
- Experience of working in MOD and with other Government Departments and Agencies.
- Preferably degree level education although significant experience and track record with tertiary qualifications.
- DV cleared or the ability to become DV cleared.
- Raytheon UK is a subsidiary of Raytheon Company. We are a prime contractor and major supplier to the UK Ministry of Defence and have developed strong capabilities in mission systems integration in defence, National & Cyber security and commercial markets.
- Raytheon UK also designs, develops and manufactures a range of high-technology electronic systems and software solutions at its facilities in Harlow, Glenrothes, Gloucester, Manchester Waddington and Broughton.
- Raytheon Company, with 2017 sales of $25 billion and 64,000 employees, is a technology and innovation leader specialising in defence, civil government and cyber security solutions.
- With a history of innovation spanning 96 years, Raytheon provides state-of-the-art electronics, mission systems integration, C5ITM products and services, sensing, effects, and mission support for customers in more than 80 countries. Raytheon is headquartered in Waltham, Mass
Raytheon Application Process To apply visit the link to the website http://jobs.raytheon.com/united-kingdom/search/and search for Req ID: 114188BR. Please complete the on-line instructions to create a profile and upload CV. Please also view the Raytheon video: http://www.raytheon.com/ourcompany/ourculture/
- Diversity is a core business imperative at Raytheon. We are an equal opportunity employer that promotes inclusiveness and always employs the best professionals for the job. Having a diverse workforce allows Raytheon to draw upon a range of different ideas and experiences which supports growing our business and creates an environment where everyone has an equal opportunity for success.
- Raytheon UK pro-actively encourages diversity of ideas, thoughts, and networking opportunities and has created Employee Resource Groups (ERGs) including Raytheon Women's Network, YesNet (Young Employees Success Network), D&I council, Reservist Network etc. and all Raytheon employees are welcome to participate regardless of their background.
Information and Knowledge Systems, All Information and Knowledge Systems
JBRaytheon Senior Vulnerability and Risk Assurance Manager JP2 ICJBMeta