Honeywell INC.

Apply for this job

Product Security Leader (Finance)



The future is what you make it!

When you join Honeywell, you become a member of our global team of thinkers, innovators, dreamers, and doers who make the things that make the future.

That means changing the way we fly, fueling jets in an eco-friendly way, keeping buildings safe and even making it possible to breathe on Mars.

Working at Honeywell isn't just about developing cool things. That's why our employees enjoy access to dynamic career opportunities across different fields and industries.

Are you ready to help us make the future?

The Product Security Leader is a key leadership role within Honeywell Global Security organization with responsibilities aligned to Aerospace business. This person is the primary focal point for all cybersecurity matters related to Aerospace products and service offeringsYOU MUST HAVE

  • Bachelor's degree in Computer Science or Electrical Engineering or discipline with an emphasis on electronic system security or cybersecurity
  • 10+ years technical leadership experience in the software cybersecurity field
  • 8+ years developing, architecting, and implementing enterprise, industrial or embedded class cyber security solutions.

WE VALUE

  • Master's degree in computer science, Electrical Engineering or similar discipline with an emphasis on electronic system security
  • 15+ years of experience in product Cybersecurity for critical infrastructure or regulated industries.
  • Relevant certifications/standards: CSSLP, CISSP, etc. NIST, NIST CSF, CIS Benchmarks, ISO 27001
  • Aerospace Standards: RTCA DO-178C, DO-326A, DO-355, DO-356A, DFARS, etc.
  • Solid foundation in network and application security architecture and SSDLC
  • Deep understanding of cloud security principles (identity & access management, data protection, monitoring, logging, encryption, key management, zero trust, etc.).
  • Expertise with CI/CD pipeline security: source code security analysis, secret management, artifact signing, container image scanning, runtime protection, and automated security testing.
  • Strong knowledge of DevSecOps practices and integrating security tooling into agile workflows.
  • Demonstrated experience dealing with security challenges and issues confronting a large, geographically distributed, departmentally diverse, global, public-facing organization
  • Strong communication skills to distill complex security concepts into actionable recommendations for technical and non-technical stakeholders.
  • Proven ability to influence secure design decisions early in the SDLC.
KEY RESPONSIBILITIES

  • Influence and grow the engineering leadership team on good cyber practices and their role as a steward of the product cybersecurity program. Enable business leadership teams to understand the top security risks and overall security health of their product portfolios.
  • Leverage your deep knowledge of secure SW development, secure-by-default architectures, cloud security and embedded security to facilitate risk-based decisions and design implementations for aerospace products and services.
  • Govern and enforce the effective implementation of product security practices in NPI (New Product Introduction) including emphasis on security requirements, design reviews and oversight/approval during development phases including all phase gate security reviews.
  • Develop and drive approaches to identify and prevent security vulnerabilities earlier in the development process for embedded products, cloud-native applications and SaaS products and work with engineering to deploy and utilize these approaches.
  • Be an advocate for value added process changes and improvements. Share lessons learned across business and projects. Provide training and mentoring to build capability and effectiveness within security and engineering teams
  • Act as the focal point for Aerospace critical customer cybersecurity issues (PSIRT), product security compliance, and external security certifications. Act as a Cybersecurity focal point with regulatory authorities.
  • Lead critical cross-functional workstreams with business, Engineering, Program Management and IT on topics concerning cyber policies, risk management, SDL/regulatory processes, technology development and strategy.
  • Mentor and educate junior staff and developers to embed a strong security culture across the organization.

U.S. PERSON REQUIREMENTS

Due to compliance with U.S. export control laws and regulations, candidate must be a U.S. Person, which is defined as, a U.S. citizen, a U.S. permanent resident, or have protected status in the U.S. under asylum or refugee status or have the ability to obtain an export authorization

#LI-Hybrid

#LI-AL3About Us

Honeywell helps organizations solve the world's most complex challenges in automation, the future of aviation and energy transition. As a trusted partner, we provide actionable solutions and innovation through our Aerospace Technologies, Building Automation, Energy and Sustainability Solutions, and Industrial Automation business segments - powered by our Honeywell Forge software - that help make the world smarter, safer and more sustainable.

Apply

Apply Here done