Innovate to solve the world's most important challenges
Lead Cyber Security Architect – Bangalore
Honeywell is a Fortune 100 company with global sales surpassing $40B and has been one of Fortune’s Most Admired Companies for over a decade. Through innovation the company brings together the physical and digital world to seek some of the toughest societal and business problems – making the world a more productive, safe, and balanced place. The business is organized into five primary groups: Aerospace; Building Technologies; Performance Materials and Technologies; Safety and Productivity Solutions; and the Connected Enterprise.
Honeywell Connected Enterprise (HCE) is a global leader for products and technologies that are installed in more than 10 million buildings, aircraft, and facilities worldwide. We are a pioneer in the Internet of Things, developing the next generation of connected offerings. The Security Engineer – Tools & Technology reports to the HCE Product Security Leader and will be responsible to provide drive hardware selection, configuration, design, and process improvements within our products; and to provide mentoring and mentorship to other team members.
Are you a cyber professional who desires to make a difference in the everyday security of people? Are you tired of being a consultant to engineering teams that ignore your input? Someone who wants to drive real improvements into real products in an environment which has a strong organizational support for product security?
The Lead Cyber Security Architect requires business acumen; technical acuity; and the ability to think, communicate and write at various levels of abstraction. Security architects are expected to advocate for security requirements and evaluate new services, vendors, applications, and security tools; drive hardware selection, configuration, design, and process improvements within our products from a technical perspective, and to translate the risk characteristics of these activities and functions into enterprise cyber risk terms.
As a key member of our growing product security team, you'll leverage your proven experience to...
· Provide architecture and standard methodologies' mentorship in building secure Honeywell products.
· Collaborate in broader security community to establish and mature Security & Product Compliance by design best practices, including HCE specific process improvement, HCE security architecture library updates
· Provide hands-on leadership for secure lifecycle process activities including threat modeling, risk assessment, analysis of findings from penetration tests, and tools (e.g. SAST/DAST, SCA, vulnerability scans), identification and design of risk-remediating security requirements
· Mentor and coach junior team HCE Security member; able to lead matrix cross-functional teams to solve complex challenge with minimum supervision
· Develop and Drive standardized set of security product requirements into HCE product and service offerings.
· Lead and coordinate multi-functional activities for incident response
· Serves as a security expert, helping project teams comply with enterprise security policies, industry regulations, and best practices. Quantify residual product risk and identification of appropriate security controls.
· Support a security architecture process that enables the enterprise to develop and implement security solutions and capabilities that are clearly aligned with business, technology, and threat drivers
· Define and design secure solutions with the primary tenants of Availability, Integrity and Confidentiality
· Contributes to the development and maintenance of security architecture artifacts (e.g., models, templates, standards, and procedures)
· Participate in application and infrastructure projects to provide security-planning advice
· Coordinate with DevOps teams to advocate secure coding practices
· Liaise with other security architects and security practitioners to share best practices and insights
· Analyzes business impact and exposure, based on emerging security threats, vulnerabilities, and risks.
· Communicates security risks and solutions to business partners
· Provide analysis of vendors and suppliers technical capabilities for services provided to Honeywell
· Participate in the technical evaluation and testing of hardware and software for possible impact on systems or data securityMust have a desire for gaining new knowledge, behaviors, and skills. Builds on and applies existing knowledge. Engages in learning from others, inside and outside the organization. Tries new approaches and broadens the scope of work to learn from work assignments
You must have:
- Bachelor’s degree
- 10+ years software development experience required
· MS Degree preferred
· Product architecture and development background
· Strong knowledge of secure software development lifecycle (SSDLC) and practices such as threat modeling, security reviews, penetration tests, and security incident response.
· Understanding of security by design principles and architecture level security concepts
· Up to date knowledge of current and emerging security threats and techniques for exploiting security vulnerabilities
· Strong interpersonal skills with the ability to facilitate diverse groups, help negotiate priorities, and resolve conflicts among project partners
· Certifications in security demonstrating deep practical knowledge such as CSSLP or CISSP
· Experience and knowledge in threat modeling, security reviews, penetration tests, and security incident response.
· Understanding of Agile software development practices
· Experiences with DevOps (CI/CD)
- JOB ID: HRD141821
- Category: Engineering
- Location: Devarabisanahalli Village, KR Varturhobli,,East Taluk - Phase I,Bangalore,KARNATAKA,560103,India