BakersfieldRecruiter Since 2001
the smart solution for Bakersfield jobs

Senior Principal Product Cybersecurity Architect, Remote/Virtual

Company: Johnson Controls
Location: Bakersfield
Posted on: September 12, 2020

Job Description:

Senior Principal Product Cybersecurity Architect, Remote/Virtual Senior Principal Product Cybersecurity Architect

What you will do

The future is being built today, and Johnson Controls is making that future more productive, more secure and more sustainable. We are harnessing the power of cloud, data analytics, the Internet of Things, and user design thinking to deliver on the promise of intelligent buildings and smart cities that connect communities in ways that make people’s lives – and the world – better.

In this career defining opportunity within the Global Product Security organization, you will drive continuous improvement initiatives aligned to our cybersecurity maturity framework and roadmap, ensuring proactive management of security and data privacy risk across the full lifecycle of our products, platforms, and service offerings. You will apply your expertise in secure software development practices to ensure security and privacy by design requirements are fulfilled and that products are released to market with strong cybersecurity as a core feature. In this role, you will play a pivotal role in managing cybersecurity risk, differentiating Johnson Controls, and enabling business success. This is a remote/virtual opportunity.

How you will do it

Provide cybersecurity expertise and guidance to product development teams, security champions, and business leaders throughout all phases of the software development life cycle.

Drive policy compliance and high quality for secure SDLC activities -- security requirements, security architectures, threat and attack models, supply chain security, code reviews, SAST, DAST, IAST, penetration testing, and security hardening.

Architect security and privacy by design and secure-by-default into software applications, embedded systems, and cloud platforms.

Periodically assess security policies, standards, and metrics to drive improvements that help Johnson Controls adapt to evolving regulatory, customer, and threat environments.

Drive efforts to quantify residual product risk and identify appropriate security controls.

Drive efforts to advance innovative security features, capabilities, and practices.

Review product architectures for security design gaps and vulnerabilities and consult with product teams to remediate or mitigate cyber risk.

Assist coordination of third party penetration testing vendor engagements with product teams.

Help engineers and product managers identify solutions to meet cybersecurity requirements.

Help business unit leaders understand security risks and participate in project resource planning.

Maintain current knowledge of security threats and vulnerabilities that could impact products.

Support incident response operations, training, and exercises, including exploitation analysis and countermeasure testing.

Assist coordination and tracking of vulnerability remediation activities.

Raise cybersecurity awareness and facilitate security training and certification.

Support periodic reporting to senior executive leadership on health and status of the product security program, cybersecurity risks, risk mitigations, and trends.

Collaborate with product, IT, and privacy teams on product security risks and opportunities.

Use agile project management to manage resources and track milestones and deliverables.

Support company response to customer audits and inquiries pertaining to product security.

Support internal audits and assessments to identify risks and determine mitigation actions.

Identify cybersecurity opportunities that enhance the developer and customer experience.

Support product security committees, boards, councils and working groups.

Support cybersecurity risk and technology assessments.

Speak at customer-facing events and present at conferences.

What we look for

Technical and operational excellence, thought leadership, and integrative thinking.

Expert knowledge and practical product and software security experience, including secure SDLC practices, security and privacy by design architectures, and secure by default configurations.

Strong problem-solving skills to analyze cybersecurity issues and requirements (legal/regulatory, policy, customer, industry standards) and relate them to appropriate security controls.

Experience supporting software security governance and compliance activities, i.e. metrics, assessments, audits, exercises, risk frameworks, and maturity models.

Demonstrated ability to lead change initiatives that intelligently manage software cyber risks.

Proven ability to deliver results using agile methodologies and tools (e.g. Scrum/Kanban, Jira).

Understanding of Product Security Incident Response Team (PSIRT) processes and activities.

Understanding of agile software development and continuous integration/deployment.

Practical experience with Linux OS, programming and scripting languages (e.g. Java, Python, Perl), and security tools (e.g. Kali, Nessus, Netsparker, openVAS, BurpSuite, Metaspolit).

Understanding of embedded systems architectures (e.g. ARM, Cortex), embedded systems tools/emulators, RTOS/Linux, network protocols and programming languages (such as C/C++).

Understanding of penetration testing, reverse engineering, software attack vectors, fault injection, device fingerprinting, and tamper resistance.

Understanding TPM, Secure Boot, OTP, PKI, SPI/I2C Bus Analyzers, JTAG probing.

Knowledge of current security threats and techniques for exploiting software vulnerabilities.

Active participation in hackathons, cybersecurity competitions, and exercises are a plus.

Superior interpersonal, organizational, written/verbal communication, and presentation skills.

Ability to build trust with stakeholders and explain complex security topics to all audiences.

Familiarity with technology risk management related frameworks such as RMF, NIST 800-53, ISA/IEC 62443, UL CAP, ISO 27001, GDPR, CSL, SOC 2 or other comparable.

Experience with Operational Technologies (e.g. Controls Systems, Building Management) a plus.

Bachelors degree in Cybersecurity, Computer Science, Engineering, Information Systems, or related technical degree. Masters degree is preferred.

Minimum of 14 years of experience with at least 7 years in software or product cybersecurity.

CSSLP, CISSP, CCSP, OSCP, CEH or related cybersecurity certifications.

Travel is occasional at approximately 15%, including international.

Johnson Controls is an equal employment opportunity and affirmative action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, protected veteran status, status as a qualified individual with a disability, or any other characteristic protected by law. For more information, please view EEO is the Law. If you are an individual with a disability and you require an accommodation during the application process, please visit www.johnsoncontrols.com/tomorrowneedsyou.

Previous Job Searches My Profile Create and manage profiles for future opportunities.

? United States of America, Wisconsin, Milwaukee

Keywords: Johnson Controls, Bakersfield , Senior Principal Product Cybersecurity Architect, Remote/Virtual, Other , Bakersfield, California

Click here to apply!

Didn't find what you're looking for? Search again!

I'm looking for
in category
within


Other Other Jobs


May Trucking: Class A Cdl Truck Driver - You Work, We Pay, Guaranteed
Description: CLASS A CDL OVER THE ROAD COMPANY TRUCK DRIVER GUARANTEED PAY GO FIRST CLASSOTR Class A CDL Truck Drivers are the backbone of May Trucking Company. We never forget that our success as an organization (more...)
Company: May Trucking
Location: San Luis Obispo
Posted on: 09/21/2020

CEO
Description: SCA Careers Surgical Care Affiliates SCA CEO in San Luis Obispo, California Careers at San Luis Obispo Surgery Center Patients Working Here Physicians Health Plans Health Systems About (more...)
Company: Surgical Care Affiliates
Location: San Luis Obispo
Posted on: 09/21/2020

Need temporary work? Deliver with Shipt.
Description: Job Description: 10 10 Help people get what they need while earning extra income. Shipt is a marketplace that provides fresh produce, household essentials, and more from trusted local stores. There (more...)
Company: Shipt
Location: San Luis Obispo
Posted on: 09/21/2020


Direct Support Specialist
Description: 0.32 Are you driven to serve and help others in your community Caregivers and Direct Support Professionals DSP are the heart of our company with their compassion, dependability, and care.-- If you (more...)
Company: ResCare Residential Services
Location: San Luis Obispo
Posted on: 09/21/2020

Seasonal Shipt Shopper
Description: Job Description: 10 10 Shipt is a membership-based marketplace that helps people get the things they need, like fresh produce and household essentials, from stores they trust. Help people save time (more...)
Company: Shipt
Location: San Luis Obispo
Posted on: 09/21/2020

IT Infrastructure Year Round Internship - San Luis Obispo, CA
Description: What You'll Bring What you'll bring Pursuing a degree in Computer Science, MIS or equivalent Preferably a rising Junior or Senior Ability to participate andor guide the successful completion of projects (more...)
Company: TransUnion
Location: San Luis Obispo
Posted on: 09/21/2020

Grocery Shopper (flexible schedule)
Description: Job Description: 10 10 Help people get what they need while earning extra income. Shipt is a marketplace that provides fresh produce, household essentials, and more from trusted local stores. There (more...)
Company: Shipt
Location: San Luis Obispo
Posted on: 09/21/2020

Part-Time Delivery Job - Earn up to $22/hr
Description: Job Description: 10 10 Shipt is a membership-based marketplace that helps people get the things they need, like fresh produce and household essentials, from stores they trust. Help people save time (more...)
Company: Shipt
Location: San Luis Obispo
Posted on: 09/21/2020

Grocery shopper - Earn money on your own time
Description: Job Description: 10 10 Shipt is a membership-based marketplace that helps people get the things they need, like fresh produce and household essentials, from stores they trust. Help people save time (more...)
Company: Shipt
Location: San Luis Obispo
Posted on: 09/21/2020

STAFF PSYCHIATRIST
Description: Job Posting: STAFF PSYCHIATRIST SAFETY Department of Developmental Services - Porterville Developmental Center JC-732 - STAFF PSYCHIATRIST SAFETY STAFF PSYCHIATRIST SAFETY Final Filing (more...)
Company: state of california
Location: Porterville
Posted on: 09/21/2020

Log In or Create An Account

Get the latest California jobs by following @recnetCA on Twitter!

Bakersfield RSS job feeds