Principal Open Source / Software Compositional Analysis Engineer

Date Posted:

2025-04-15

Country:

United States of America

Location:

RMA99: RTN Remote, Massachusetts

Position Role Type:

Remote

At Raytheon, the foundation of everything we do is rooted in our values and a higher calling – to help our nation and allies defend freedoms and deter aggression. We bring the strength of more than 100 years of experience and renowned engineering expertise to meet the needs of today’s mission and stay ahead of tomorrow’s threat. Our team solves tough, meaningful problems that create a safer, more secure world. 

The RTX Product Cybersecurity Center (PCsC) is transforming the future of software system development and cybersecurity through the integration of Development, Security, and Operations (DevSecOps).  The Secure Development team is seeking a team member to enable DevSecOps methodologies and outcomes into empowered and high performing teams– founded on a culture of excellence, creative problem-solving, and a willingness to take calculated risks. 

The successful applicant will support corporate strategies in Open-Source management and will help programs select Open-Source software and evaluate its cybersecurity, license and operational risks.

The applicant will participate corporate activities such as cross Business Unit technical workshops to identify barriers to Open-Source adoption, formulate projects to address barriers, and support the execution of projects across the enterprise. This engineer will investigate cutting-edge tools, technologies, and processes used in modern system/software development and engage directly with programs in all Business Units to implement Open-Source strategies. Additionally, the Open-Source engineer will support open-source training initiatives across RTX.

This is a fulltime remote position

What You Will Do

• Support development of an OSPO and associated services to RTX functions and programs.

• Support the development of Open-Source policies, processes and enablers

• Support the development of Open-Source training for management and engineering.

• Perform cybersecurity and license risk analysis and determine if the proposed FOSS risks are acceptable for the planned use and document risk mitigation steps.

• Keep track of Open-Source adoption, use, maintenance and retirement.

• Contribute to secure development and DevSecOps projects.

• Work with Legal and Intellectual Property to obtain approval for Open-Source releases to the community.

Qualifications You Must Have  

• Typically requires a Bachelor’s in Science, Technology, Engineering, or Mathematics (STEM preferred) and a minimum of 8 years of prior engineering experience.

• Experience evaluating Open-Source licenses and cybersecurity risks

• Familiarity with vulnerability data bases (e.g., NIST Vulnerability Database) and Software Compositional Analysis tools (e.g., BlackDuck)

• Experience with Software Engineering or Cybersecurity

• Experience with DevSecOps

• Experience with Agile development such as Scrum, Continuous Integration, Automated Testing, etc.

• Experience developing and delivering training or technical presentations (e.g., lunch and learns, customer presentations, milestone reviews, proposal orals, symposium talks, conference presentations, or formal/informal technical training)

• The ability to obtain and maintain a U.S. government issued Secret security clearance is required. U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance.

Qualifications We Prefer

• Highly preferred experience with Software Compositional Analysis (SCA)

• Experience developing risk mitigation plans

• Experience developing cybersecurity incident reports

• Experience with Static Application Security Testing (SAST)

• Strong software development skills and experience

• Security accreditations - i.e. CISSP, Certified Ethical Hacker (CEH)

• Experience in Systems Engineering, Systems Test and/or Software Disciplines design, development, and test activities

• Experience working with multi-disciplinary teams (e.g., Systems Engineering, Systems Test, Cybersecurity, Software)

• Working knowledge of cloud-based computing, AWS preferred

• Experience with automated cybersecurity practices

• Experience in developing and delivering technical training

• Excellent interpersonal communication and public speaking skills

• Good technical writing skills and experience (white papers, trade studies, process enablers, learning materials, presentations)

• Located within a one-hour drive to an RTX facility

• Active Security Clearance   

What We Offer

• Our values drive our actions, behaviors, and performance with a vision for a safer, more connected world. At RTX we value: Safety, Trust, Respect, Accountability, Collaboration, and Innovation.

• Not Relocation Eligible – Relocation assistance not available

Learn More & Apply Now!

• Please consider the following role type definition as you apply for this role.

‒ Remote: Employees who are working in Remote roles will work primarily offsite (from home).An employee may be expected to travel to the site location as needed.

• This position requires a security clearance. DCSA Consolidated Adjudication Services (DCSA CAS), an agency of the Department of Defense, handles and adjudicates the security clearance process. More information about Security Clearances can be found on the US Department of State government website here: https://www.state.gov/m/ds/clearances/c10978.htm 

• We Are RTX

The salary range for this role is 101,000 USD - 203,000 USD. The salary range provided is a good faith estimate representative of all experience levels. RTX considers several factors when extending an offer, including but not limited to, the role, function and associated responsibilities, a candidate’s work experience, location, education/training, and key skills.

Hired applicants may be eligible for benefits, including but not limited to, medical, dental, vision, life insurance, short-term disability, long-term disability, 401(k) match, flexible spending accounts, flexible work schedules, employee assistance program, Employee Scholar Program, parental leave, paid time off, and holidays. Specific benefits are dependent upon the specific business unit as well as whether or not the position is covered by a collective-bargaining agreement.

Hired applicants may be eligible for annual short-term and/or long-term incentive compensation programs depending on the level of the position and whether or not it is covered by a collective-bargaining agreement. Payments under these annual programs are not guaranteed and are dependent upon a variety of factors including, but not limited to, individual performance, business unit performance, and/or the company’s performance.

This role is a U.S.-based role. If the successful candidate resides in a U.S. territory, the appropriate pay structure and benefits will apply.

RTX anticipates the application window closing approximately 40 days from the date the notice was posted. However, factors such as candidate flow and business necessity may require RTX to shorten or extend the application window.

RTX is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or veteran status, or any other applicable state or federal protected class. RTX provides affirmative action in employment for qualified Individuals with a Disability and Protected Veterans in compliance with Section 503 of the Rehabilitation Act and the Vietnam Era Veterans’ Readjustment Assistance Act.

Privacy Policy and Terms:

Click on this link to read the Policy and Terms