Advanced Cyber Sec Archt Engr

Job Description

The Product Security Architect is responsible for providing application and system level security expertise and mentoring to Process Automation products. As an integral member of our global product security community, support product security activities aligned to the Secure Development Lifecycle process across Process Automation.

Responsibilities

• Lead efforts with the development teams to manage product risk and apply the appropriate security controls
• Drive best in class security requirements into product and service offerings.
• Provide architecture and best practices guidance in building secure Honeywell products.
• Support product security process activities including threat modeling, security requirements, security reviews, threat vulnerability assessments and risk management for PA applications.
• Must have product architecture and development background with Secure software development lifecycle experience.
• Understanding of security by design principles and architecture level security concepts up to date knowledge of current and emerging security threats and techniques for exploiting security vulnerabilities
• Containers, and VMs, through secure configurations and performing periodic security reviews.
• Lead efforts in mentoring and training the engineering development community and facilitate adoption of shift-security-to-left practice
• Lead new initiatives that add value to Secure Development Life cycle processes and procedures
  
  

Qualifications

• Bachelor’s degree or equivalent work experience in Cyber Security or Information Technology
• Strong interpersonal skills with the ability to facilitate diverse groups, help negotiate priorities, and resolve conflicts among stakeholders
• Understanding of Agile software development practices.
• Understanding DevsecOps and have a good working understanding of tooling specific to CI/CD pipelines and security tooling.
• Sound understanding of Cryptography, encryption algorithms, Public Key Infrastructure (PKI), Secure boot and Open-source risk management.
  
  

We Value

• Information Security accreditation (CISSP/CSSLP or other security related certifications)
  
  

Experience with widely used security tools like SD Elements, BlackDuck Hub, Microsoft Threat modeling tool, SAST (Coverity, SonarQube), DAST (Burp, ZAP, AppSpider), Fuzzing, Vulnerability management and continuous monitoring tools

About Us

Honeywell helps organizations solve the worlds most complex challenges in automation, the future of aviation and energy transition. As a trusted partner, we provide actionable solutions and innovation through our Aerospace Technologies, Building Automation, Energy and Sustainability Solutions, and Industrial Automation business segments – powered by our Honeywell Forge software – that help make the world smarter, safer and more sustainable.

---