RTX

Director - Digital Risk

full-time

Origin: 🇺🇸 United States

Salary

💰 $176,000 - $352,000 per year

Job Level

Lead

Tech Stack

Cloud, Cyber Security

About the role

  • Define, implement and maintain an effective digital risk management program that aligns with corporate objectives and regulatory requirements and enables the RTX global business strategy & operations across all unclassified domains, acquisitions, subsidiaries, and product lines of business
  • Lead development and execution of long-term risk management strategies in alignment with RTX Enterprise Services (ES) Cybersecurity strategy and overall RTX global business strategy; develop and direct execution of mid- and short-term strategies to reduce digital risk in collaboration with Enterprise Services and business unit partners supporting compliance for global Defense, Commercial, and international business pursuits for RTX, Pratt & Whitney, Collins Aerospace and Raytheon
  • Establish operational plans and standards in support of the RTX global business strategy to meet commitments to customer requirements and Federal and international regulations
  • Manage several teams of geographically distributed digital risk professionals who identify, assess, prioritize, track and report digital risk and mitigation status, including: Digital Risk Management, Risk Assessments & Audit Engagement, Digital Third-party Risk & Resilience; responsible for talent acquisition, retention, employee career and development
  • Define, implement, operate and report on key performance indicators (KPIs) and key risk indicators (KRIs) metrics related to Digital Risk and provide regular status updates to Senior Director – Digital Governance & Risk
  • Closely align global 3rd party risk & resilience strategies to assure confidentiality, availability and integrity of RTX and customers' sensitive data by testing and auditing cybersecurity controls, incident response plans, sharing threat intelligence and reporting on 3rd party digital performance, risks and incidents
  • Partner with Cybersecurity leadership, RTX Digital Risk Council and key stakeholders across ES and business units to define and manage risk appetite and tolerance
  • Partner with GRC, IT, Cyber Defense, Internal Audit, Legal, and Compliance to ensure cohesive integrated approach to digital risk management and compliance with industry standards and regulations
  • Partner with Strategy and Transformation to prioritize investments based on risk
  • Establish and maintain relationships with RTX Internal Audit and 3rd Party Auditors for planning, coordinating and executing audits in partnership with the Compliance Leader
  • Stay updated on industry trends, regulatory changes, and best practices related to digital risk
  • Report to Sr. Director – Digital Governance & Risk and lead the Digital Risk program for Enterprise Services, Pratt & Whitney, Collins Aerospace and Raytheon

Requirements

  • A University Degree in Business, Science, Technology, Engineering or Mathematics and a minimum of 14 years of prior relevant experience, or an Advanced Degree in a related field and a minimum of 12 years of relevant experience
  • Prior relevant work experience must include digital risk management, cybersecurity, or a related discipline, with at least 8 years in a leadership role
  • Must be authorized to work in the U.S. without sponsorship now or in the future (RTX will not offer sponsorship for this position)
  • Preferably 5+ years of experience in a top-tier risk advisory or management consulting firm or Financial Services
  • Strong understanding of digital risk management frameworks, standards, and best practices (e.g., NIST 800-53, NIST 800-171, ISO 27001, COSO ERM, FAIR)
  • Proven track record of successfully transforming digital risk programs in large, complex organizations, preferably within the Aerospace and Defense or Financial Services industries
  • Strong understanding of, and experience in, digital risk quantification (e.g., FAIR)
  • Ability to communicate with all levels of management verbally and in writing, facilitate effective meetings, build effective working relationships and partnerships, and strong interpersonal skills
  • Excellent analytical, problem-solving, and decision-making skills
  • Relevant certifications such as CISSP, CISM, CRISC, or similar are desirable
  • Highly proficient in Microsoft Office products with experience in preparing presentations and presenting to executive leadership
  • General knowledge of IT, Artificial Intelligence, and cybersecurity with experience in incident response, business continuity/disaster recovery, vulnerability management, application security, database security, identity & access management, OT security, cloud security, third-party & supply chain risk management
  • General knowledge of national and international laws, regulations, policies, and ethics as they relate to cybersecurity (e.g., DFARS, FAR, ITAR, EAR)