Advanced Cyb Sec Archt/Engr

Product Security Architect

YOU MUST HAVE:

• Bachelor s degree or equivalent work experience in Cyber Security or Information Technology
• 6+ years experience in Cyber Security.
• Strong interpersonal skills with the ability to facilitate diverse groups, help negotiate priorities, and resolve conflicts among stakeholders
• Knowledge of secure software development lifecycle
• Basic Applied Cryptography knowledge, which includes encryption algorithms, Public Key Infrastructure (PKI), Secure boot and Open-source risk management.
• Proficiency in Microsoft threat modeling tool, and reviewing vulnerability assessment
• Product architecture and development background
• Software engineering or development experience
• Secure software development lifecycle experience
• Knowledge of penetration testing
• Familiarity of security regulations and standards
• Understanding of Agile software development practices.

WE VALUE:

• Understanding DevsecOps and have a good working understanding of tooling specific to CI/CD pipelines and security tooling.
• Information Security accreditation (CISSP/CSSLP or other security related certifications)
• Experience with widely used security tools like SD Elements, BlackDuck Hub, Microsoft Threat modeling tool, SAST (Coverity, SonarQube), DAST (Burp, ZAP, AppSpider), Fuzzing, Vulnerability management and continuous monitoring tools

YOU MUST HAVE:

• Bachelor s degree or equivalent work experience in Cyber Security or Information Technology
• 6+ years experience in Cyber Security.
• Strong interpersonal skills with the ability to facilitate diverse groups, help negotiate priorities, and resolve conflicts among stakeholders
• Knowledge of secure software development lifecycle
• Basic Applied Cryptography knowledge, which includes encryption algorithms, Public Key Infrastructure (PKI), Secure boot and Open-source risk management.
• Proficiency in Microsoft threat modeling tool, and reviewing vulnerability assessment
• Product architecture and development background
• Software engineering or development experience
• Secure software development lifecycle experience
• Knowledge of penetration testing
• Familiarity of security regulations and standards
• Understanding of Agile software development practices.

WE VALUE:

• Understanding DevsecOps and have a good working understanding of tooling specific to CI/CD pipelines and security tooling.
• Information Security accreditation (CISSP/CSSLP or other security related certifications)
• Experience with widely used security tools like SD Elements, BlackDuck Hub, Microsoft Threat modeling tool, SAST (Coverity, SonarQube), DAST (Burp, ZAP, AppSpider), Fuzzing, Vulnerability management and continuous monitoring tools

• Lead efforts with the development teams to manage product risk and apply the appropriate security controls
• Drive best in class security requirements into product and service offerings.
• Provide architecture and best practices guidance in building secure Honeywell products.
• Support product security process activities including threat modeling, security requirements, security reviews, threat vulnerability assessments and risk management for IA applications.
• Must have product architecture and development background with Secure software development lifecycle experience.
• Understanding of security by design principles and architecture level security concepts up to date knowledge of current and emerging security threats and techniques for exploiting security vulnerabilities
• Containers, and VMs, through secure configurations and performing periodic security reviews.
• Lead efforts in mentoring and training the engineering development community and facilitate adoption of shift-security-to-left practice
• Lead new initiatives that add value to SDL processes and procedures

• Lead efforts with the development teams to manage product risk and apply the appropriate security controls
• Drive best in class security requirements into product and service offerings.
• Provide architecture and best practices guidance in building secure Honeywell products.
• Support product security process activities including threat modeling, security requirements, security reviews, threat vulnerability assessments and risk management for IA applications.
• Must have product architecture and development background with Secure software development lifecycle experience.
• Understanding of security by design principles and architecture level security concepts up to date knowledge of current and emerging security threats and techniques for exploiting security vulnerabilities
• Containers, and VMs, through secure configurations and performing periodic security reviews.
• Lead efforts in mentoring and training the engineering development community and facilitate adoption of shift-security-to-left practice
• Lead new initiatives that add value to SDL processes and procedures