March 28, 2024
Electric Energy Jobs

Sr. Product Security Engineer

Organization:
Johnson Controls
Region:
United States, Massachusetts, Westford
End of contest:
February 8, 2018
  This job posting has expired
Type:
Full time
Category:
Engineer
Description

Johnson Controls is a global diversified technology and multi-industrial leader serving a wide range of customers in more than 150 countries.  Our 117,000 employees create intelligent buildings, efficient energy solutions, integrated infrastructure and next generation transportation systems that work seamlessly together to deliver on the promise of smart cities and communities.  Our commitment to sustainability dates back to our roots in 1885, with the invention of the first electric room thermostat.  We are committed to helping our customers win and creating greater value for all of our stakeholders through strategic focus on our buildings and energy growth platforms.  For additional information, please visit www.johnsoncontrols.com or follow us @johnsoncontrols on Twitter. 

Job Summary

The Cyber Protection Program, part of Johnson Controls Security Products division, is a holistic product security program responsible for not only ensuring the security of our products, but achieving the approval of our end user IT and InfoSec teams and maintaining relevant cybersecurity regulatory approvals. Members of the Cyber Protection Program's engineering team require more than just technical acuity and excellent problem solving skills, but must be able to represent the team and the Program to senior management, product architects, and customers. Excellent communication skills is a must.

There is an immediate opening for a Senior Product Security Engineer with experience in Windows applications security. This engineer will be responsible for of the secure development for multiple, enterprise-level, access control and video surveillance applications.

The primary responsibility for this role is to champion the Secure Development Process for responsible applications including review of the product roadmap, design of new security features, application threat modeling, working with developers to drive resolution for vulnerabilities, coordinating required tests with internal and external teams, and, finally, providing recommendation regarding product release.

Additional responsibilities include representing the applications in PSIRT activities, tracking security bugs and providing metrics to management, working with product management to drive security initiatives, and creating product documentation for customer and sales support or regulatory guidance.

This role reports to the Engineering Lead for the Cyber Protection Program. The position is located in Westford, MA.

Job Responsibility

  • Serve as a security expert in application development and lead product development teams to comply with the policies of the Cyber Protection Program.
  • Research, design and advocate new technologies, architectures, and security products that will support security requirements.
  • Collaborate with the security products product line managers to help define and set cybersecurity product features and requirements that are appropriate for their products and market.
  • Provide guidance and support to junior team members and help develop their knowledge of security.
  • Promote and market the Product Security Team to our customers and end user by acting of the team's representative at conferences, presentations, and other outreach activities.
  • Respond to security vulnerabilities in both internal and third party products and prepare security advisories.
  • Keep abreast of the current cybersecurity trends and competitive landscape.
  • Work with development teams, Product Management, and Marketing Communications to ensure all cybersecurity compliance guidelines, technical documents and marketing literature are accurate.

#external

Education/Experience

  • Bachelor's or Master's degree in Computer Science or related field
  • Five or more years of Windows application development or related product security or IT security field
  • Experience with C# and security practices for .NET
  • Experience with SAST, vulnerability management, open source security issues, threat modeling, and working with third party penetration testers.
  • Knowledgeable of network and system security principles such as defense in depth, granularity of privilege, etc. and how they are applied in practice, not only in theory

Technical Skills

  • The successful product manager will demonstrate a combination of desirable attributes:
  • Strong knowledge and experience with cybersecurity technology, methods, terminology and trends
  • Must have strong leadership and communication skills and be able to discuss technical topics to individuals and groups with a wide range of technical backgrounds
  • Good financial and general business acumen
  • Goal-oriented with a strong drive for success
  • Highly competent in Microsoft Excel, Power Point, Word

Engineering 1719425

Click here to view the full job posting.

Contact

Johnson Controls

www.johnsoncontrols.com


 From the same category : engineer