Senior Manager, Digital Supply Chain Risk & Resilience

This is a fully remote position, open to applicants in Connecticut, +1 more state.

📋 Description

• Develop and implement a comprehensive supplier cyber risk and resilience management program to identify, evaluate, and address cyber and resilience risks within RTX’s supply chain.

• Identify, deploy, and sustain processes, methodologies, tools, and technologies to facilitate supplier cyber risk and resilience management.

• Plan and execute supplier cyber and resilience assessments, pinpoint risks, document risk evaluations in standardized report formats, and aid in the execution of risk mitigation strategies.

• Record and oversee findings and remediation plans in RTX’s primary source of record throughout the entire lifecycle of the findings.

• Assist in evaluating supplier adherence to RTX cybersecurity policies, industry standards, and government regulations (e.g., NIST, CMMC, DFARS).

• Cultivate strong relationships with suppliers to advocate for cybersecurity best practices and foster ongoing improvement in supplier cyber risk management.

• Lead initiatives to tackle supplier-related cybersecurity incidents, including root cause analysis and corrective actions.

• Create and maintain key performance indicators (KPIs) and dashboards to assess the effectiveness of the supplier cyber risk management program.

• Provide regular updates on program status to the Director of Digital Risk.

• Promote supplier and internal awareness programs to enhance comprehension of cybersecurity risks and requirements.

• Collaborate with RTX supply chain, product security, and other pertinent teams to align supplier cyber risk management strategies with corporate goals.

• Partner with cross-functional teams, including IT, Cyber Defense, Internal Audit, Legal, and Compliance, to ensure a unified and integrated approach to digital risk management.

• Collaborate with other Governance, Risk, and Compliance (GRC) functions to drive the creation and implementation of risk-based policies and controls to protect digital assets and ensure compliance with industry standards and regulations.

• Stay informed about industry trends, regulatory changes, and best practices concerning digital risk.

• Must be willing to occasionally travel onsite to Dallas, TX or Farmington, CT.

⛳️ Requirements

• A University Degree in a relevant field and a minimum of 10 years of pertinent experience, or an Advanced Degree in a related field with at least 7 years of relevant experience.

• Prior relevant work experience must encompass digital risk management, cybersecurity, or a related field.

• Experience in a global, heavily regulated industry.

• Over 3 years of experience in a risk advisory or consulting firm (preferred).

• Strong knowledge of digital risk management frameworks, standards, and best practices (e.g., NIST 800-53, NIST 800-171, ISO 27001, CMMC).

• Proven experience in successfully establishing or transforming supplier cyber risk management programs in large, complex organizations.

• Demonstrated ability to lead cross-functional teams and manage intricate projects within a matrixed organization.

• Familiarity with supply chain processes and product security requirements.

• Relevant certifications such as CISSP, CISM, CRISC, or similar are preferred.

• Exceptional analytical, problem-solving, and decision-making abilities.

• Highly skilled in Microsoft Office products, with experience in creating presentations and presenting to executive leadership.

🏝️ Benefits

• Parental (including paternal) leave

• Flexible work schedules

• Achievement awards

• Educational assistance

• Child/adult backup care

• Medical benefits

• Dental benefits

• Vision benefits

• Life insurance

• Short-term disability benefits

• Long-term disability benefits

• 401(k) match

• Flexible spending accounts

• Employee assistance program

• Employee Scholar Program

• Paid time off

• Holidays