18 days old

Security Governance and Compliance Lead

Honeywell
Atlanta, GA 30303
  • Jobs Rated
    25th

Join a team recognized for leadership, innovation and diversity

The future is what you make it. When you join Honeywell, you become a member of our global team of thinkers, innovators, dreamers and doers who make the things that make the future. That means changing the way we fly, fueling jets in an eco-friendly way, keeping buildings smart and safe and even making it possible to breathe on Mars. Working at Honeywell isn€™t just about developing cool things. That€™s why all of our employees enjoy access to dynamic career opportunities across different fields and industries. Are you ready to help us make the future? 

Honeywell specializes in the \"things\" that are critically connected - beyond smart phones and laptops...what we know to be IoT. We make the kinds of connections that keep cities working, planes flying, plants running, and workers safe. Our unique capabilities, over a century in the making, brings together data, expertise, and technology to connect people, processes, and assets. Our solutions are built-on top of our world class IoT Platforms and feature the latest in cyber security. Customers count on us to make and manage their critical connections.

We are hiring for the position of Security Governance and Compliance Lead to join our growing midtown Atlanta Cyber Security team who will€¦

  • Work collaboratively with like-minded, innovative and passionate people to foster an environment where Security is an integral part of the development and operations lifecycle, while maintaining efficiency of design and speed to market.
  • Blend Cyber Security policies from Honeywell Businesses, Corporate IT and external best-in-class systems to create a Governance framework for Honeywell Connected Enterprise
  • Instrument a Compliance system based on self-assessments, internal assessments and mapping results to Corrective and Preventative actions. Use this system as an evidence data mine for Corporate and external audits
  • Collaborate with internal and external stakeholders in building and monitoring control system to drive certification on products for FedRAMP, SOC2, ISO27001, etc.
  • Construct a Maturity Model (based on Industry examples such as BSIMM) to measure capability and progress towards goals for maturity
  • Actively monitor emerging policies and best practice to continuously improve the Cyber Capability of Honeywell Connected Enterprise
  • In Building Compliance and Maturity systems, be cognizant of the following Security Domains:
    • Product and Platform architecture to support Secure Operations and access from the Edge to the Cloud (including the data and application layers)
    • Secure Development Lifecycle processes and tools that comply with Governance policies and standards
    • Secure Operations
    • Cryptography
    • Data Protection and Privacy
    • Incident Action and Response
    • IT Service Continuity and Disaster Recovery
    • Collaborate with Cyber Security colleagues on building training programs around Secure Development and Operations.

      YOU MUST HAVE

      • Bachelors in Computer Science, Mathematics, IT/MIS or another technical/Engineering subject
      • US Citizenship due to contractual requirements
      • 8+ years experience in driving cyber security program based on industry standards and control frameworks including NIST 800-53, ISO27001, ISA62443, CSA Cloud Control Matrix and managing certifications including SOC2
      • 2+ years of experience managing FedRAMP certifications
      • 5+ years of experience designing and implementing controls used in securing products and services hosted on public cloud environments.
      • 3+ years of Azure and AWS cloud architecture and related security controls
      • 8+ years of experience in defining and documenting security policies, standards, baselines and procedures to govern secure development lifecycle and infrastructure platform management.
      • 3+ years of agile methodology

        WE VALUE

        • Masters in Computer Science, Mathematics, IT/MIS or related Engineering subject, with an emphasis in Information Security.
        • The desire to learn, experiment and shape the future of €˜connected tech€™
        • Great interpersonal skills; the ability to negotiate and influence persuasively, but politely
        • Great communication skills, using multiple technologies and techniques €“ in person and remote, verbal and written.
        • Great organization sills, both in planning your own work, as well as managing the material and systems that others rely on to build security into their work
        • Familiarity with Industry initiatives to measure, manage and test Secure Development and Operations, such as BSIMM, NIST Cybersecurity Framework, SOC 2. Experience with a development Maturity Model such as CMMI or Continuous Delivery Maturity Model would be helpful.
        • Experience in a fast-paced, Agile, DevOps Environment with CI/CD DevOps pipeline

          Additional Information
          • JOB ID: HRD91238
          • Category: Engineering
          • Location: 715 Peachtree Street, N.E.,Atlanta,Georgia,30308,United States
          • Exempt
          • Must be a US Citizen due to contractual requirements.