9 days old

Product Security Leader

Honeywell
Phoenix, AZ 85003

Join a team recognized for leadership, innovation and diversity
The future is what you make it.
 
When you join Honeywell, you become a member of our global team of thinkers, innovators, dreamers and doers who make the things that make the future.
 
That means changing the way we fly, fueling jets in an eco-friendly way, keeping buildings intelligent and safe and even making it possible to breathe on Mars.
 
Working at Honeywell isn€™t just about developing cool things. That€™s why all of our employees enjoy access to dynamic career opportunities across different fields and industries.
 
Why Honeywell?
 
For more than 130 years, we€™ve solved the toughest customer challenges through a rare combination of our industrial expertise and our innovations in ground breaking software and technology, and industry-leading automation.
This engineering excellence is built on a foundation of inclusion, diversity and driving a performance culture that values integrity and ethics.
 
Are you ready to help us make the future?
 
We€™re seeking a Product Security Leader to join our Digital and Product Security (DP&S) organization with responsibilities aligned to Aerospace business in Phoenix, AZ.  This person is the primary focal point for all cybersecurity matters related to Aerospace products and service offerings.
 
The Product Security Leader will€¦
  • Influence and grow the engineering leadership team on good cyber practices and their role as a steward of the product cybersecurity program. Enable business leadership team to understand cyber risk and resource needs planning
  • Govern and enforce the effective implementation of product security practices in NPI (New Product Introduction) projects 
  • Provide security oversight/approval in internal and external Design Reviews and ensure that appropriate Security Reviews are conducted 
  • Support and approve product development phase gate reviews for new development programs, ensuring appropriate security checks are in place to meet key security requirements
  • Be an advocate for value added process changes and improvements.  Share lessons learned across business and projects.
  • Support qualification and Cyber certification activities, including review and approval of required documentation
  • Provide training and mentoring to build capability and effectiveness of the Engineering team
  • Approve of processes/tools that are used to conduct investigations/evaluations/reviews related to these key responsibilities
  • Act as the focal point for Aerospace critical customer cybersecurity issues (PSIRT), product security compliance, and external security certifications
  • Institutionalize practices for identifying and quantifying product and portfolio product security risks. Coordinate and track remediation of product security incidents
  • Participate in Aerospace Software Security Group providing input on cyber policies, risk management, processes, technology development and strategy 
  • Maintain and report product security metrics of Aerospace products through their development life cycle for continuous improvement
  • Monitor external security sources for vulnerabilities which impact Aero products
  • Interface with Legal and Marketing Communications group to manage communications of security vulnerabilities in Aero products
  • Review and approve security notifications to inform customers of urgent security issues which may impact their Honeywell products 
  • Act as a Cybersecurity focal point with regulatory authorities 
    YOU MUST HAVE
    • Bachelor's degree in Computer Science or Electrical Engineering or similar discipline with an emphasis on electronic system security or cybersecurity
    • 5+ years Technical leadership experience in the software cybersecurity field
    • 5+ years developing, architecting, and implementing enterprise, industrial or embedded class cyber security solutions.
    • 4+ years with incorporating cyber into software development and related programs. 
      WE VALUE
      • Master's degree in Computer Science, Electrical Engineering or similar discipline with an emphasis on electronic system security preferred.
      • 10+ years of experience in security engineering and risk remediation
      • Strong knowledge of secure software development lifecycle and practices such as threat modeling, security reviews, penetration tests, and security incident response
      • Understanding of security by design principles and architecture level security concepts 
      • Up to date knowledge of current and emerging security threats and techniques for exploiting security vulnerabilities
      • Previous experience with designing and/or testing aircraft avionics systems as well as knowledge of civil aviation certification regulations and processes.
      • Understanding/Knowledge of global frameworks and standards like NIST, FIPS, RTCA DO-178C, DO-326A, DO-355, DO-356A, ISO 27001/27002, ITIL, GDPR, DFARS, etc.
      • Considerable expertise or experience in at least one of following security domains (Threat Modeling, SAST, DAST, Offensive Red Teaming or Penetration Testing, Authentication & Public Key Infrastructure (PKI), Vulnerability Management, Data Security or Cryptography).
      • Expert knowledge of the concepts, principles, structures, and standards used to design, implement, monitor, and secure hardware designs such as: Secure Boot, Trusted Boot, Measured Boot, Secure Enclave, Trusted Platform Module (TPM), Real Time Operating Systems, hardware-based encryption, trusted execution.
      • Experience working with Linux, SE Linux, Xilinx and NXP processors is preferred
      • Experience with C, C++, Python, Assembly, etc.
      • Certifications in security and privacy demonstrating deep practical knowledge such as CSSLP, CISSP, ISSAP, ISSEP, GCIH, GCIA, GCFA, GPEN, GCFE, CCNA, CCNP, CEH, Security+.
      • Active engagement and contributions to the cybersecurity community via security related forums, blogs, attending security conferences, white papers, etc.
      • Strong collaboration skills working cross functionally with internal and external customers
      • Excellent communication and leadership skills
      • Experience presenting to broad audiences from technical to executive level

        Additional Information
        • JOB ID: HRD93842
        • Category: Engineering
        • Location: 21111 N. 19th Ave (Deer Valley),Phoenix,Arizona,85027,United States
        • Exempt
        • Due to US export control laws, must be a US citizen, permanent resident or have protected status.