🌎
This job posting isn't available in all website languages

Settings

Senior Product Security Engineer

📁
Engineering
📅
152380 Requisition #
Apply for Job
Share this Job
Sign Up for Job Alerts

What you will do

 

The Cyber Protection Program, part of Johnson Controls Security Products division, is a holistic product security program responsible for not only ensuring the security of our products, but achieving the approval of our end user IT and InfoSec teams and maintaining relevant cybersecurity regulatory approvals.

 

Members of the Cyber Protection Program’s engineering team require more than just technical acuity and excellent problem solving skills, but must be able to represent the team and the Program to senior management, product architects, and customers. Excellent communication skills is a must.

This engineer will be responsible for championing the secure development for multiple physical security products including cloud services.

 

How you will do it

 

The primary responsibility for this role is to champion the Secure Development Process for responsible applications including review of the product roadmap, design of new security features, application threat modeling, working with developers to drive resolution for vulnerabilities, coordinating required tests with internal and external teams, and, finally, providing recommendation regarding product release.

 

Additional responsibilities include representing the applications in PSIRT activities, tracking security bugs and providing metrics to management, working with product management to drive security initiatives, and creating product documentation for customer and sales support or regulatory guidance.

 

Serve as a security expert in application development and lead product development teams to comply with the policies of the Cyber Protection Program.

 

Research, design and advocate new technologies, architectures, and security products that will support security requirements.

 

Collaborate with the security products product line managers to help define and set cybersecurity product features and requirements that are appropriate for their products and market.

 

Provide guidance and support to junior team members and help develop their knowledge of security.

 

Promote and market the Product Security Team to our customers and end user by acting of the team's representative at conferences, presentations, and other outreach activities.

 

Respond to security vulnerabilities in both internal and third party products and prepare security advisories.

 

Keep abreast of the current cybersecurity trends and competitive landscape and work with development teams, Product Management, and Marketing Communications to ensure all cybersecurity compliance guidelines, technical documents and marketing literature are accurate.

 

Who we are

 

At Johnson Controls, we’re shaping the future to create a world that’s safe, comfortable and sustainable. Our global team creates innovative, integrated solutions to make cities more connected, buildings more intelligent and vehicles more efficient. We are passionate about improving the way the world lives, works and plays. The future requires bold ideas, an entrepreneurial mind-set and collaboration across boundaries. You need a career focused on tomorrow. Tomorrow needs you.

What we look for

Bachelor’s or Master’s degree in Computer Science or related field

Five or more years of product development, product security, or IT security field

Experience with deployment of Windows and Linux operating systems

Experience with cloud technologies and deployments

Experience with static code analysis, vulnerability management, open source security issues, threat modeling, and working with third party penetration testers

Knowledgeable of network and system security principles such as defense in depth, granularity of privilege, etc. and how they are applied in practice, not only in theory

Knowledge and experience with cybersecurity technology, methods, terminology and trends

Must have strong leadership and communication skills and be able to discuss technical topics to individuals and groups with a wide range of technical backgrounds

Previous Job Searches

My Profile

Create and manage profiles for future opportunities.

Go to Profile

My Submissions

Track your opportunities.

My Submissions
View All Jobs