Chief Cybersecurity Architect

Greendale, WI, United States

VA544: 22265 Pacific Blvd, Dulles 22265 Pacific Boulevard Building CC6, Sterling, VA, 20166-6920 USA RTX At RTX, we're accelerating ideas to solve some of the world's biggest challenges by bringing together the brightest, most innovative minds across aviation, space and defense. View company page

Date Posted:

2024-01-26 Country:

United States of America Location:

VA544: 22265 Pacific Blvd, Dulles 22265 Pacific Boulevard Building CC6, Sterling, VA, 20166-6920 USA Position Role Type:

Hybrid You have been redirected to RTX’s career page as we have recently transitioned from RTX to become a standalone company, which provides us with greater autonomy and opportunities for growth. As a prospective employee of Nightwing, you’ll have the chance to contribute to our continued success and shape the future of our cybersecurity, intelligence, and services offerings.

As the Chief Cybersecurity Architect, you will be a key leader responsible for developing, assessing, and maintaining a comprehensive cybersecurity architecture for our organization. You will play a crucial role in safeguarding our company's digital assets, ensuring data privacy, and maintaining the highest standards of cybersecurity. The Chief Cybersecurity Architect will be required to effectively translate business objectives and risk management strategies into specific security processes enabled by security technologies and services.

**Key Responsibilities:**

Develop and maintain a robust cybersecurity architecture strategyaligned with the organization's goals and objectives.

Develop and document security architecture blueprints, guidelines, and best practices for consistent implementation across projects.

Ensure the architecture and services complies with relevant cybersecurity regulations, industry standards, and certifications (i.e. NIST CSF, DFARs, CMMC

Design and oversee the integration of security measures into cloud -based, on-prem and hybrid systems, ensuring compliance with NIST standards and the NIST Cyber Security Framework

Develops and maintains a security architecture process that enables the enterprise to develop and implement security solutions and capabilities that are clearly aligned with business, technology and threat drivers

Validates IT infrastructure and other reference architectures for security best practices and recommend changes to enhance security and reduce risks, where applicable

Coordinates with the privacy officer or office to document data flows of sensitive information in the organization (e.g., PII or ePHI) and recommend controls to ensure that this data is adequately secured (e.g., encryption and tokenization)

Reviews network segmentation to ensure least privilege for network access

Conducts or facilitate threat modeling of services and applications that tie to the risk and data associated with the service or application

Reviews security technologies, tools and services, and makes recommendations to the broader security team for their use, based on security, financial and operational metrics

Provide expert guidance to cross-functional teams, including architecture, engineering, operations, and compliance, to ensure security considerations are embedded in all stages of project lifecycles.

Evaluates the statements of work (SOWs) for these providers to ensure that adequate security protections are in place. Assesses the providers' SSAE 16 SOC 1 and SOC 2 audit reports (or alternative sources) for security-related deficiencies and required "user controls" and report any findings to the CISO and vendor management teams

Liaises with the Supply Chain team to conduct security assessments of existing and prospective vendors, especially those with which the organization shares intellectual property (IP), as well as regulated or other protected data: Software as a service (SaaS) providers

Cloud/infrastructure as a service (IaaS) providers

Managed service providers (MSPs)

Payroll providers

Collaborate with teams to develop cybersecurity policies and procedures to protect the company's information assets.

Participates in application and infrastructure projects to provide security-planning advice

Continuously assess the organization's security posture, identify vulnerabilities, and recommend remediation strategies

Promote a culture of security awareness and provide cybersecurity training to employees.

Stay updated on emerging cybersecurity threats and technologies, and adapt the security architecture accordingly.

Build and lead a high-performing cybersecurity team, providing mentorship and guidance.

Demonstrated ability to develop and communicate a business case for technology investment to senior management and executive audiences.

Excellent communication and leadership skills.

Ability to think strategically and drive innovative solutions to complex security challenges.

Qualifications:

Bachelor's degree in Computer Science, Information Technology, or a related field. A master's degree is a plus.

Must have a minimum of 10 years of applicable experience developing and writing technical cybersecurity solutions for complex proposals, for large complex IT systems, demonstrating a high degree of ingenuity, creativity and resourcefulness.

Extensive experience in cybersecurity, including at least 7 years in a leadership role.

Strong experience in cloud security, including designing and implementing security measures for cloud-based environments (e.g., AWS, Azure, Google Cloud).

Experience developing enterprise IT security architectures, including zero trust, which provide layered defenses against external threats/advanced persistent threats and insider threats.

Experience developing enterprise security solutions for big data environments with fine grained access controls in support of zero trust and insider threat capabilities.

Experience or familiarity with implementing IT risk management, security protocols, cryptography/PKI, multi-factor authentication, single sign-on, and identity management.

Direct, hands-on experience or strong working knowledge of managing security infrastructure — e.g., firewalls, intrusion prevention systems (IPSs), web application firewalls (WAFs), endpoint protection, SIEM and log management technology.

Full-stack knowledge of IT infrastructure: Applications

Databases

Operating systems — Windows, Unix and Linux

Hypervisors

IP networks — WAN and LAN

Storage networks — Fibre Channel, iSCSI and NAS

Backup networks and media

Containers/Kubernetes

Deep understanding of U.S. government regulations and compliance standards, especially those related to the Department of Defense (DoD) and federal agencies (e.g., NIST, FISMA, DFARS, ITAR).

Exceptional knowledge of encryption, access control, and data protection techniques related to government data.

Experience in working with government clients or on government contracts, with a deep understanding of their unique security and compliance requirements.

Ability to obtain required clearance level for position (TS/SCI – poly, FSP preferred)

Strong knowledge of cybersecurity technologies, tools, and methodologies.

Existing clearance desired, ability to obtain a clearance required.

Desired Skills:

Professional certifications such as CISSP, CISM, TOGAF or CISA are highly desirable.

Experience in sectors with stringent compliance requirements (e.g., healthcare, finance).

Previous work in defense or aerospace industries.

Certification in cloud security (e.g., AWS Certified Security – Specialty, Azure Security Engineer).

Participation in security and compliance-focused industry groups and associations.

Previously part of a leading Fortune 100 company and headquartered in Dulles, VA; Nightwing became independent in 2024 but continues to support the nation’s most mission impactful initiatives.

When we formed Nightwing, we brought a deep set of credentials and an unfaltering commitment to the mission. For over four decades, our team has been providing some of the world’s most technically advanced full-spectrum cyber, data operations, systems integration and intelligence support services to the U.S. government on its most important missions.

At Nightwing, we value collaboration and teamwork. You’ll have the opportunity to work alongside talented individuals who are passionate about what they do. Together, we’ll leverage our collective expertise to drive innovation, solve complex problems, and deliver exceptional results for our clients.

Thank you for considering joining us as we embark on this new journey and shape the future of cybersecurity and intelligence together as part of the Nightwing team.

The salary range for this role is 118,000 USD - 246,000 USD. The salary range provided is a good faith estimate representative of all experience levels. RTX considers several factors when extending an offer, including but not limited to, the role, function and associated responsibilities, a candidate’s work experience, location, education/training, and key skills.Hired applicants may be eligible for benefits, including but not limited to, medical, dental, vision, life insurance, short-term disability, long-term disability, 401(k) match, flexible spending accounts, flexible work schedules, employee assistance program, Employee Scholar Program, parental leave, paid time off, and holidays. Specific benefits are dependent upon the specific business unit as well as whether or not the position is covered by a collective-bargaining agreement.Hired applicants may be eligible for annual short-term and/or long-term incentive compensation programs depending on the level of the position and whether or not it is covered by a collective-bargaining agreement. Payments under these annual programs are not guaranteed and are dependent upon a variety of factors including, but not limited to, individual performance, business unit performance, and/or the company’s performance.This role is a U.S.-based role. If the successful candidate resides in a U.S. territory, the appropriate pay structure and benefits will apply.RTX anticipates the application window closing approximately 40 days from the date the notice was posted. However, factors such as candidate flow and business necessity may require RTX to shorten or extend the application window. RTX is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.

Privacy Policy and Terms:

Click on this link to read the Policy and Terms

Explore more InfoSec / Cybersecurity career opportunities Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.

#J-18808-Ljbffr