Cyber and Compliance Leader - Pratt & Whitney Engineering

Date Posted:2025-12-11Country:United States of AmericaLocation:UT25: North CarolinaRemote Location,Remote City, NC, 28208 USAPosition Role Type:HybridU.S. Citizen, U.S. Person, or Immigration Status Requirements:U.S. citizenship is required, as only U.S. citizens are authorized to access information under this program/contract. Security Clearance:None/Not RequiredRTX Corporation is an Aerospace and Defense company that provides advanced systems and services for commercial, military and government customers worldwide.It comprises three industry-leading businesses - Collins Aerospace Systems, Pratt & Whitney, and Raytheon. Its 185,000 employees enable the company to operate at the edge of known science as they imagine and deliver solutions that push the boundaries in quantum physics, electric propulsion, directed energy, hypersonics, avionics and cybersecurity. The company, formed in 2020 through the combination of Raytheon Company and the United Technologies Corporation aerospace businesses, is headquartered in Arlington, VA.The following position is to join our RTX Enterprise Services team:Role Overview:The RTX Pratt & Whitney Cybersecurity organization is seeking a highly motivated and experienced Cybersecurity & Compliance Leader (CCL) to serve as a strategic partner to assigned business domains. This role sits at the intersection of cyber risk, compliance, and business operations, ensuring that enterprise cybersecurity priorities are understood, adopted, and executed within the business while providing leadership visibility into local risk posture.The CCL is a trusted advisor, risk translator, and business-facing liaison, responsible for aligning cyber and compliance requirements with business objectives, driving risk governance, and ensuring readiness for internal and external regulatory expectations. The role is a key contributor to Pratt & Whitney's Cyber Mission Assurance and overall enterprise cyber posture. CCLs are not operators-they drive risk ownership, clarity, and business action, ensuring cyber enables mission success, operational continuity, and customer trustOur Teams Guiding Principles:• Business First, Cyber Always: Every engagement starts with business outcomes and ends with secure enablement.• Standardize Where Possible, Tailor Where Needed: Consistency breeds efficiency; flexibility ensures relevance. • Proactive over Reactive: Drive forward deployment and early alignment, not last-minute fire drills. • One Team, Many Voices: Maintain unity across CMS while respecting each BU's unique mission and terrain. What You Will Do:Cyber & Compliance Risk Leadership• Serve as the single, business-facing point of accountability for cyber & compliance risk posture within assigned domains. • Provide an integrated view of risks spanning IT, OT, cloud, engineering, suppliers, and regulatory environments.• Ensure risk decisions are owned, resourced, and prioritized by the business. Business Partnership & Strategic Alignment• Embed cybersecurity considerations into business strategies, programs, and major initiatives (e.g., modernization, engineering systems, manufacturing operations). • Represent business needs to the cybersecurity, compliance, and Digital Technology organizations to ensure alignment and prioritization. • Translate enterprise cyber strategy, standards, and roadmaps into actionable, business-relevant plans.Governance, Accountability & Risk Reviews• Lead business-facing cyber and compliance governance forums, including risk reviews, program touchpoints, and compliance readiness discussions. • Ensure traceability and follow-through on mitigation actions, funding decisions, and risk acceptance. • Provide leaders with clear, concise, and actionable insights on posture, gaps, and progress. Compliance Readiness & Sustainment• Partner with internal and external stakeholders to maintain audit readiness across relevant regulatory frameworks (e.g., CMMC, government customer requirements, RTX policies).• Identify control gaps, coordinate business remediation, and ensure evidence and documentation are complete and accurate. Communication, Change Management & Stakeholder Engagement• Communicate cyber risks, policies, and changes in a clear, tailored, business-friendly manner. • Influence leaders and teams through relationship-building and strong cross-functional partnerships. • Drive awareness and cultural adoption of secure behaviors and compliance obligations. Performance Measurement & Continuous Improvement• Define and socialize KPIs, metrics, and indicators of cyber posture aligned with enterprise models.• Identify systemic trends and improvement opportunities; partner with technical teams to shape solutions. • Promote optimization, innovation, and CORE principles in support of operational excellence. CORE Principles• Drive best practices using RTX CORE (Customer Oriented Results and Excellence) principles to foster innovation and operational efficiency. Qualifications You Must Have:• Bachelor's Degree from an accredited college or university in Computer Science, Computer Engineering, Cybersecurity or a related discipline with 12+ years of prior relevant experience ORAdvanced Degree in a related field and 10+ years of experience.• 10+ years experience in information security practices/frameworks including identifying risks, emerging cyber security threats, and risk mitigation processes. • Experience across more than one cybersecurity discipline (e.g., security architecture, compliance, vulnerability management, incident response, application security). • Experience in team leadership and ability to lead through influence to drive creation and execution of operational plans and service delivery. • U.S. citizenship is required, as only U.S.citizens are authorized to access information under this program/contract. Qualifications We Prefer:• Ability to write succinct briefings, presentations, and reports to convey analysis, trends, strategies and then use effective communication skills to present analytical data and tailor the message to a variety of technical and non-technical audiences. • Strong deductive reasoning, critical thinking, prioritization and follow through with attention to detail while seeking opportunities to innovate and excel.• Ability to effectively lead and inspire cross-functional teams by leveraging influence, fostering collaboration and building consensus to drive cybersecurity initiatives and enhance security posture. • Adept at understanding business strategy, planning, processes, ability to inject cybersecurity into the business through teamwork and influence. • Able to attain and preserve credibility with the team through sustained cyber, digital and/or aerospace & defense industry knowledge. • Adaptive to change and comfortable with navigating complex, evolving organization structures.• Passion in working with customers and functional partners, building strong trust relationships, and championing an environment that encourages different viewpoints and ideas. • Knowledgeable in Agile development, related concepts, and execution. • Certified security expert CISSP, CEH, GEVA, or similar. What We Offer: Whether you're just starting out on your career journey or are an experienced professional, we offer a robust total rewards package with compensation; healthcare, wellness, retirement and work/life benefits; career development and recognition programs.Some of the benefits we offer include parental (including paternal) leave, flexible work schedules, achievement awards, educational assistance and child/adult backup care. Learn More & ! Work Location: HybridPlease consider the following role type definition as you apply for this role:Hybrid: Employees who are working in Hybrid roles will work regularly both onsite and offsite. Ratio of time working onsite will be determined in partnership with your leader. As part of our commitment to maintaining a secure hiring process, candidates may be asked to attendselect steps of the interview process in-person at one of our office locations, regardless of whether the role is designated as on-site, hybrid or remote.The salary range for this role is 147,000 USD - 295,000 USD. The salary range provided is a good faith estimate representative of all experience levels. RTX considers several factors when extending an offer, including but not limited to, the role, function and associated responsibilities, a candidate's work experience, location, education/training, and key skills. Hired applicants may be eligible for benefits, including but not limited to, medical, dental, vision, life insurance, short-term disability, long-term disability, 401(k) match, flexible spending accounts, flexible work schedules, employee assistance program, Employee Scholar Program, parental leave, paid time off, and holidays.Specific benefits are dependent upon the specific business unit as well as whether or not the position is covered by a collective-bargaining agreement. Hired applicants may be eligible for annual short-term and/or long-term incentive compensation programs depending on the level of the position and whether or not it is covered by a collective-bargaining agreement. Payments under these annual programs are not guaranteed and are dependent upon a variety of factors including, but not limited to, individual performance, business unit performance, and/or the company's performance.This role is a U.S.-based role. If the successful candidate resides in a U.S. territory, the appropriate pay structure and benefits will apply. RTX anticipates the application window closing approximately 40 days from the date the notice was posted. However, factors such as candidate flow and business necessity may require RTX to shorten or extend the application window. RTX is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or veteran status, or any other applicable state or federal protected class.RTX provides affirmative action in employment for qualified Individuals with a Disability and Protected Veterans in compliance with Section 503 of the Rehabilitation Act and the Vietnam Era Veterans' Readjustment Assistance Act. Privacy Policy and Terms:Click on this link to read the Policy and Terms Apply tot his job