Director Product Security
Apply NowCompany: Honeywell
Location: Atlanta, GA 30349
Description:
Join a team recognized for leadership, innovation and diversity
Innovate to solve the world's most important challenges
Honeywell is a Fortune 100 software-industrial leader. Technology is what we are passionate about and runs deep in our veins. We deliver industry-specific solutions for aerospace, control / energy efficient technologies for buildings, safety and productivity solutions for enterprises and workers and high-performance materials and process technologies that make the world connected, smarter, safer, and more sustainable.
Do you have a passion for everything related to product security? Are you at a point in your career that you want to make a bigger impact for an organization? If this describes the next step you want to take, Honeywell's Building Automation business (BA) is seeking a Product Security Leader (PSL) for their Security and Access Solutions (SAS) strategic business unit. This is a senior technical non-supervisory role who will be an important member of the BA Product Security team. As the SAS PSL you will get the chance to make a huge impact in helping direct the cybersecurity and privacy strategies used to secure all of the products developed for the Security and Access Solutions business.
You would report to the BA Cybersecurity Chief with matrix reporting to the SAS Vice President and Chief Technology Officer (VP/CTO).
KEY RESPONSIBILITIES
YOU MUST HAVE
WE VALUE
Innovate to solve the world's most important challenges
Honeywell is a Fortune 100 software-industrial leader. Technology is what we are passionate about and runs deep in our veins. We deliver industry-specific solutions for aerospace, control / energy efficient technologies for buildings, safety and productivity solutions for enterprises and workers and high-performance materials and process technologies that make the world connected, smarter, safer, and more sustainable.
Do you have a passion for everything related to product security? Are you at a point in your career that you want to make a bigger impact for an organization? If this describes the next step you want to take, Honeywell's Building Automation business (BA) is seeking a Product Security Leader (PSL) for their Security and Access Solutions (SAS) strategic business unit. This is a senior technical non-supervisory role who will be an important member of the BA Product Security team. As the SAS PSL you will get the chance to make a huge impact in helping direct the cybersecurity and privacy strategies used to secure all of the products developed for the Security and Access Solutions business.
You would report to the BA Cybersecurity Chief with matrix reporting to the SAS Vice President and Chief Technology Officer (VP/CTO).
KEY RESPONSIBILITIES
- Serve as the SAS VP/CTO's chief advisor on product security and privacy strategies and cyber risk management of their portfolio of products.
- As a member of the VP/CTO's extended leadership team, you will influence the development of SAS's products and ensure they are secure by design and by default.
- Proactively engage in building solid working relationships with Engineering, Legal & Marketing that drive secure development practices and designs.
- Be a coach to Product Security Directors, Security Architects, Security Champions & developers to grow their product security skills.
- Maintain and drive product security metrics of SAS products through their development life cycle for continuous improvement.
- Accountability, in conjunction with the SAS VP/CTO, for keeping our customers secure. This includes Product Security Risk Management and assuring compliance with corporate and BA Product Security Risk Management policies for all products in the SAS portfolio.
- Ensure adoption of product security requirements and encourage the use of BA standard components across SAS.
- Evaluate & enhance product security processes to keep them lean and optimize security.
- Participate in the BA Software Security Group (SSG) as a voting member to drive secure-by-default design practices and a security-focused culture across BA.
- Lead and coordinate cross-functional activities to support incident response to closure.
- Be the focal point for critical customer cybersecurity issues, product security compliance, and external security certifications.
- Build great talent by searching out the best, learning and inspiring others to build a world class product security team.
YOU MUST HAVE
- 6+ years familiarity securing Cloud, Mobile, and on-premises software including embedded Linux and RTOS software systems and installable Windows client and server software.
- Understanding of DevSecOps.
- 2+ years hands-on and leadership experience with software development.
- 10+ years experience in technology, cybersecurity.
- Strong knowledge of secure software development lifecycle and practices such as threat modeling, security reviews, penetration tests, and security incident response.
- Working knowledge of Cyber security frameworks - i.e. ISA/IEC 62243, NIST 800-53, NIST RMF, etc.
- Experience conducting secure product reviews leveraging both automated (i.e. SAST, DAST, SCA, etc.) & manual activities (Penetration Testing).
- Understanding of 'security by design' principles and architecture level security concepts
- Up to date knowledge of current and emerging security threats and techniques for exploiting security vulnerabilities.
- Excellent communication (written and oral) and leadership skills.
- Bachelor's degree in computer science or software engineering, electrical engineering or equivalent experience.
- Strong interpersonal skills with the ability to facilitate diverse groups, help negotiate priorities and resolve conflicts.
WE VALUE
- Understanding of development methods and methodologies - i.e. Agile, SAFe, SCRUM, etc.
- Certifications in security and privacy demonstrating deep practical knowledge. CSSLP is the preferred knowledge base.
- Category: Engineering
- Location: 715 Peachtree Street, N.E., Atlanta, GA 30308 USA
- Exempt