This job posting isn't available in all website languages

Sr. Principal Solutions Cybersecurity Architect

Program Management
2112484 Requisition #

What you will do

The future is being built today, and Johnson Controls is making that future more productive, more secure and more sustainable.  We are harnessing the power of cloud, data analytics, the Internet of Things, and user design thinking to deliver on the promise of intelligent buildings and smart cities that connect communities in ways that make people’s lives – and the world – better.

In this career defining opportunity within the Global Product Security organization, you will drive smart building cybersecurity solution design and deployment planning to promote effective risk management for secure digital and connected solutions across their operational lifecycle. As a consultant, you will guide installation and service organizations with implementation of the Johnson Controls’ security policies. You will support sales, field, and customer success teams in delivering a positive cybersecurity experience for our customers.

How you will do it

  • Provide cybersecurity guidance and assistance to solutions teams, security champions, support teams, and business leaders throughout all phases of customer projects.
  • Drive compliance with Johnson Controls’ policies and standards throughout all project phases.
  • Ensure customer’s security and privacy requirements are identified, implemented and maintained.
  • Collaborate with the overall solutions architects to incorporate security to projects by design at all levels of the architecture from device to cloud to minimize risk.
  • Work with project teams as they deploy the design and implement hardening guidance. Help them quantify and remediate or mitigate residual risk.
  • Support requirements for customer cybersecurity acceptance including contract compliance, security questionnaires, assessments, audits and Site Acceptance Tests (SAT).
  • Support incident response operations, training, and exercises, including exploitation analysis and countermeasure testing.

What we look for


  • Technical and operational excellence, thought leadership, and integrative thinking.
  • Expert knowledge and practical product and software security experience, including secure SDLC practices, security and privacy by design architectures, threat modeling, and secure by default configurations, supply chain security and security hardening.
  • Expert knowledge of network segmentation, firewalls and cloud computing architecture designs.
  • Strong problem-solving skills to analyze cybersecurity issues and requirements and relate them to appropriate security controls.
  • Bachelor’s degree in Cybersecurity, Computer Science, Engineering, Information Systems, or related technical degree.  


  • Experience with Operational Technologies (e.g. Controls Systems, Building Management).
  • Knowledge of modern secure networking technologies such as zero-trust solutions.
  • Familiarity with technology risk management related frameworks such as RMF, NIST 800-53, ISA/IEC 62443, UL CAP, ISO 27001, GDPR, CSL, SOC 2 or other comparable.
  • Understanding of penetration testing, reverse engineering, software attack vectors, fault injection, device fingerprinting, and tamper resistance.
  • CSSLP, CISSP, CCSP, OSCP, CEH, or related cybersecurity certifications.
  • Minimum of 14 years of experience with at least 7 years in software or product cybersecurity.

Previous Job Searches

My Profile

Create and manage profiles for future opportunities.

Go to Profile

My Submissions

Track your opportunities.

My Submissions
View All Jobs