Honeywell’s Building Automation business (BA) is seeking a Product Security Leader (PSL) for their Security and Access Solutions (SAS) strategic business unit.  This is a senior technical non-supervisory role who will be an important member of the BA Product Security team. As the SAS PSL you will get the chance to make a huge impact in helping direct the cybersecurity and privacy strategies used to secure all of the products developed for the Security and Access Solutions business.

You would report to the BA Cybersecurity Chief with matrix reporting to the SAS Vice President and Chief Technology Officer (VP/CTO).

YOU MUST HAVE:

• 6+years familiarity securing Cloud, Mobile, and on-premises software including embedded Linux and RTOS software systems and installable Windows client and server software.
• Understanding of Dev Sec Ops.
• 2-3 years hands-on and leadership experience with software development.
• 10 years’ experience in technology and cybersecurity.
• Strong knowledge of secure software development lifecycle and practices such as threat modeling, security reviews, penetration tests, and security incident response.
• Working knowledge of Cyber security frameworks – i.e. ISA/IEC 62243, NIST 800-53, NIST RMF, etc.
• Experience conducting secure product reviews leveraging both automated (i.e. SAST, DAST, SCA, etc.) & manual activities (Penetration Testing).
• Understanding security by design’ principles and architecture level security concepts
• Up to date knowledge of current and emerging security threats and techniques for exploiting security vulnerabilities.
• Excellent communication (written and oral) and leadership skills
• Bachelor’s degree in computer science or software engineering, electrical engineering, or equivalent experience.
• Strong interpersonal skills with the ability to facilitate diverse groups, help negotiate priorities and resolve conflicts.

Key Responsibilities:

• Serve as the SAS VP/CTO’s chief advisor on product security and privacy strategies and cyber risk management of their portfolio of products.
• As a member of VP/CTO’s extended leadership team, you will influence the development of SAS’s products and ensure they are secure by design and by default.
• Proactively engage in building solid working relationships with Engineering, Legal & Marketing that drive secure development practices and designs.
• Be a coach to Product Security Directors, Security Architects, Security Champions & developers to grow their product security skills.
• Maintain and drive product security metrics of SAS products through their development life cycle for continuous improvement.
• Accountability, in conjunction with the SAS VP/CTO, for keeping our customers secure.  This includes Product Security Risk Management and assuring compliance with corporate and BA Product Security Risk Management policies for all products in the SAS portfolio.
• Ensure adoption of product security requirements and encourage the use of HBT BA standard components across SAS.
• Evaluate & enhance product security processes to keep them lean and optimize security.
• Participate in the BA Software Security Group (SSG) as a voting member to drive secure-by-default design practices and a security-focused culture across BA.
• Lead and coordinate cross-functional activities to support incident response to closure.
• Be the focal point for critical customer cybersecurity issues, product security compliance, and external security certifications.
• Build great talent by searching out the best, learning and inspiring others to build a world class product security team.