Vulnerability Assessment Specialist

Job Description :
Raytheon Technologies, Inc. is seeking a Vulnerability Assessment Specialist to be a part of a Vulnerability Management team supporting a major United States government agency, performing security controls assessments, vulnerability assessment, remediation management, penetration testing, and risk assessment. The successful candidate will provide the organization with a comprehensive vulnerability management strategy and capability and work with application teams to remediate vulnerabilities. This is a remote position.

• Support customer of large, complex enterprise consisting of vulnerability scanning, applications security, enterprise vulnerability assessments, remediation management, and penetration testing
• Define vulnerability assessment and penetration testing policies and standards in alignment with CISO mission and direction
• Work with the security governance, risk, and compliance capability to ensure vulnerability scanning incorporates controls and compliance requirements
• Conduct internal and external stakeholder meetings to ensure cooperation in identifying and remediating vulnerabilities
• Provides direction and tasking to direct reports.
• Develop methods to integrate new tools into current workflows
• Ensures the senior leadership direction and requests are fulfilled.
• Prepare, write, and present reports and briefings to customer senior leadership
• Provide training as required

• The position requires U.S. Person status
• Experience with large organization networks.
• Experience with regulatory compliance and policy enforcement
• Knowledge of Vulnerability Assessment processes and procedures
• Experience defining legal boundaries for penetration tests
• Experience in the roles identified above
• Excellent communication and interpersonal skills
• Be able to support limited domestic travel (<50 %)
• Ability to work within a multi-disciplined team
• Must possess a strong working knowledge of all Microsoft applications and commonly used analytic software tools (i.e., Word, Excel, PowerPoint, and Access).
• Must have excellent understanding of popular COTs vulnerability/Pen Testing tools i.e. Tenable i.o., Nessus Pro, Qualys, Rapid 7, Burp Suite, Cobalt Strike, etc.
• Must be able to work collaboratively across organizations and physical locations
• Knowledge of cyber security RMF, OWASP, SANS top 20, NIST Security frameworks

• Be trained and proficient with one or more insider threat monitoring tools
• 4+ years in cyber security
• Performed vulnerability risk assessments on SCADA systems and remediation
• Knowledge of CERT-RMM
• Understanding of process development and deployment of security tools
• Excellent writing skills

Required Education:
Bachelor’s degree in related field. Master’s Degree strongly preferred. Equivalent experience may be considered in lieu of education.

Desired Certifications:
CEH, GPEN

Raytheon Technologies is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, age, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.