Experienced Security Engineer
Company: Honeywell
Location: Atlanta
Posted on: May 17, 2024
|
|
Job Description:
Innovate to solve the world's most important challengesInnovate
to solve the world's most important challenges The future is what
you make it. - When you join Honeywell, you become a member of our
global team of thinkers, innovators, dreamers and doers who make
the things that make the future. - That means changing the way we
fly, fueling jets in an eco-friendly way, keeping buildings smart
and safe and even making it possible to breathe on Mars. - Working
at Honeywell isn't just about developing cool things. That's why
all of our employees enjoy access to dynamic career opportunities
across different fields and industries. - Are you ready to help us
make the future? - Honeywell Connected Enterprise (HCE) is a global
leader for products and technologies that are installed in more
than 10 million buildings, aircraft, and facilities worldwide. We
are a pioneer in the Internet of Things, developing the next
generation of connected offerings. - Are you someone who wants to
drive real improvements into real products in an environment which
has a strong organizational support for product security? In the
role of the Senior Advanced Cyber Security Architect for the Forge
Core Platform, you will report to the Product Security Leader and
will provide expertise in security to development teams throughout
all phases of the SDLC. - Working under minimal supervision, you
will own one or more product components and ensure they're built
and deployed securely in the cloud. - Responsibilities: - - - - - -
- Partner with Cloud Security Architecture to drive the security
strategy and provide input into cloud security patterns to build
Zero Trust architecture - - - - - - - Work closely with DevOps to
ensure the Cloud is built securely using IaC and manage cloud
security posture management via enforcing policies in Defender for
Cloud - - - - - - - For all SaaS offerings in HCE, support secure
lifecycle process activities including threat modeling, risk
assessment, analysis of findings from penetration tests, and tools
(e.g., SAST, SCA, Container vulnerability scans) - - - - - - -
Identify, design, and track risk-remediating security requirements
by actively managing open security risks - - - - - - - Participate
in PI planning, sprint planning, & daily standups with development
teams to champion security in development backlog - - - - - - -
Conduct project status and process presentations for leadership and
external customers. Interfaces with vendors and suppliers to ensure
product and project compliance. Communicates any non-compliance and
the results of any internal project audits to pertinent parties. -
- - - - - - Act as a subject matter expert for the product teams,
understand and advise on enterprise policies and technical
standards with specific regard to vulnerability management and
secure configuration - - - - - - - Execute secure product strategy
working cross-functionally with leaders across the business - - - -
- - - Balance the product requirements and product security to
ensure a stable product - - - - - - - Be a coach to Security
Champions to grow their product security skills. - - - - - - - Acts
as a mentor to upcoming Product Security EngineersYou must have: -
- - - - - - Bachelor's degree in Cybersecurity, Computer Science,
or
related field - - - - - -5+ years of combined experience in one or
more of the following areas: secure software development, SaaS,
cloud security, security architecture and/or security engineering
We value: - - - - - - - Secure software development lifecycle
(SSDLC) experience - - - - - - - Programming abilities and
understanding of secure coding practices - - - - - - - Experience
and knowledge with Identity and Access Management security controls
- - - - - - - Experience and knowledge with Container Orchestration
security controls - - - - - - - Experience with Cloud Provider
(e.g., Azure, AWS, GCP) security controls - - - - - - - Experience
with security tools (e.g., SAST, SCA, vulnerability scanning,
penetration testing) - - - - - - - Understanding of Agile software
development practices - - - - - - - Experiences with DevOps (CI/CD)
- - - - - - - Understanding of security by design principles,
architecture level security, and zero trust security concepts - - -
- - - - Up to date knowledge of current and emerging security
threats and techniques for exploiting security weaknesses - - - - -
- - Certifications in security demonstrating deep practical
knowledge such as CSSLP, CCSP, or CISSP - - - - - - - Understanding
of industry compliance and security standards (e.g., PCI DSS, ISO
27001, SOC1 and 2) - - - - - - - - - - - - - - Additional
Information
Keywords: Honeywell, Smyrna , Experienced Security Engineer, Engineering , Atlanta, Georgia
Click
here to apply!
|