Chief Product Security Leader
Atlanta, GA, USA | Honeywell
Industry:Manufacturing (Heavy Industry)
Job Description:80 people have viewed this job
The Senior Director of Product Cyber Security is a technical business driven leader who will be responsible for driving a comprehensive industry-leading Product Cyber Security teams focused on protecting our Honeywell Buildings Technology (HBT) business.This leader will bring hands-on as well as strategic thought leadership to the HBT development community at the intersection of the Secure Software Development Lifecycle (SSDLC), advanced cyber-threats, customer requirements, and business driven values.
The role requires deep knowledge of the various security assurance activities in a Secure Software Development Lifecycle, history of applying that information across a variety of software delivery methodologies and proven expertise in leading a team of security architects, testers, and researchers.This role will work closely with engineering as we develop advanced defenses to counter identified threats.
In this key and visible role, you will...
Develop and drive programs to operationalize the security vision across the business with an emphasis on gaining measurable results.
Deliver a range of security architecture and assurance activities as part of Honeywell’s Security Development Lifecycle.
Develop and maintain a program that informs business unit and functional group leadership of the top security risks and overall security health of their products
Work with engineering and other leaders to ensure security assurance activities occur during the software development lifecycle and appropriate security mitigations are integrated into the product.
Develop and drive approaches to identify and prevent security vulnerabilities earlier in the development process in an automated scalable manner and work with engineering to deploy and utilize these approaches.
Build a strong security community across the company’s functional, business and technology organizations.
YOU MUST HAVE
Bachelor's degree in Computer Science, Electrical Engineering, Information Systems, or similar degree
15+ years of overall professional experience
5+ years of management experience
3+ years of experience in Penetration Testing and finding vulnerabilities in online services
Strong communications skills with all levels of an organization, including executive and front-line employees
Willingness to work a problem to completion in a fast-paced environment
Expertise and thought leadership across all aspects of SSDLC
Ability to perform and mentor team members in all security assurance activities in the SSDLC from concept through to release including architecture and design reviews, threat modelling, use of appropriate tools and code reviews
Deep understanding of security vulnerabilities, their mitigations, and ability to communicate details appropriate to audience levels
Deep understanding of development methodologies, developer tools and processes
Understanding of security and privacy regulations and standards is desirable
Demonstrated experience dealing with security challenges and issues confronting a large, geographically distributed, departmentally diverse, global, public-facing organization
Proven success delivering large, complex projects and programs
CISSP, CISM, CISA or other related credentials
Already a member? Sign In