Cyber Sec Arch/Engr II

Cloud Security Architect – India, Bangalore

Innovation to solve the world's most important challenges.

The future is what you make it.

When you join Honeywell, you become part of a global community of thinkers, innovators, dreamers, and doers who are shaping the future.

From transforming how we fly and enabling more sustainable aviation to keeping buildings smart and secure—and even supporting missions beyond Earth—our work creates real-world impact every day.

At Honeywell, it’s not just about building cutting-edge technology. Our people also benefit from dynamic career opportunities that span diverse industries and disciplines, empowering them to grow and thrive

Are you ready to help us make the future?

Honeywell is a global leader for products and technologies that are installed in more than 10 million buildings, aircraft, and facilities worldwide. We are a pioneer in the Internet of Things, developing the next generation of connected offerings.

Are you someone who wants to drive real improvements into real products in an environment which has a strong organizational support for product security?

In the role of Senior Advanced Cloud Security Architect for Honeywell Connected Enterprise, you will join a growing Product Security team overseeing the posture of HCE Cloud offerings and driving security by design across cloud-based products. The Senior Advanced Cloud Security Architect will report to the HCE Cloud Security Manager and will drive secure cloud posture and risk reduction across software products through standardized and defined processes by partnering with Honeywell Global Security and collaboration with team members.

Responsibilities:

• Innovate by developing new solutions and identifying industry-leading practices in secure cloud environments.

• Collaborate with team members to advance state-of-the-art cloud security practices.

• Support and work alongside the CTO and SRE to enhance best-in-class cloud posture in a multi-cloud environment.

• Partner with Honeywell Global Security to understand and influence cloud security baselines, providing practical solutions that incorporate engineering considerations without introducing risk.

• Drive the establishment of cloud security baselines through policy initiatives in a multi-cloud environment, primarily focusing on Azure, utilizing automation.

• Identify metrics that will promote behavioral changes in the cloud, such as untagged cloud resources, cloud built without IaC, and overall cloud risk.

• Implement dashboards to offer insights into cloud risk and facilitate risk reduction activities.

• Support security incident and response activities by performing analysis, collaborating with stakeholders, and driving the resolution of incidents.

• Promote and apply Zero Trust architecture and principles across cloud and edge environments.

• Assist in the management and deployment of cloud baseline policies at scale through automation.

You must have:

• Bachelor's Degree
• 5+ years of experience with a public cloud such as AWS, Azure, GCP
• Ability to perform threat modeling of cloud-based systems

We value:

• Ability to identity and define project scope and level of effort
• Experience with programming and automation
• Ability to identify and remediate issues early, analyze, and propose alternative solutions
• Strong interpersonal skills with the ability to facilitate diverse groups, help negotiate priorities, and resolve conflicts among stakeholders
• Passion for achieving results and continual self-improvement
• Experience and knowledge of Public Cloud Provider (e.g., Azure, AWS, GCP) security controls and capabilities (e.g., DDoS, Firewalls, WAF, Network Segregation)
• Understanding of secure networking design and principles
• Experience of multi-layer cloud security controls ensuring confidentiality, integrity, and availability
• Understanding of Internet of Things (IOT) security concerns, architecture, and controls
• Experience with Identity and Access Management security solutions and protocols (e.g., SAML, OpenID, and OAuth)
• Experience and understanding of Container/Kubernetes security and controls
• Understanding of security by design principles, architecture level security, API security, and Zero Trust security concepts
• Up to date knowledge of current and emerging security threats and techniques for exploiting security weaknesses
• Understanding of National and International regulatory and compliance standards
• Certifications in security demonstrating deep practical knowledge such as CCSP, or CISSP
• Master’s Degree