Sr Advanced Cyber Security Engineer

The future is what you make it.

When you join Honeywell, you become a member of our global team of thinkers, innovators, dreamers,
and doers who make the things that make the future.
That means changing the way we fly, fueling jets in an eco-friendly way, keeping buildings smart and safe
and even making it possible to breathe on Mars.

Honeywell Connected Enterprise (HCE) is a global leader for products and technologies that are installed in more than 10 million buildings, aircraft, and facilities worldwide. We are a pioneer in the Internet of Things, developing the next generation of connected offerings. The Security Engineer reports to the HCE Product Security Leader and will be responsible to provide drive hardware selection, configuration, design, and process improvements within our products; and to provide mentorship to team members.

Are you a cyber professional who desires to make a difference in the everyday security of people? Are you tired of being a consultant to engineering teams that ignore your input? Someone who wants to drive real improvements into real products in an environment which has a strong organizational support for product security?

As a senior member of the team, you will provide expertise in security to development teams throughout all phases of the SDLC. You will own one or more products and ensure its built and deployed securely and be able to work under minimal supervision.

As a key member of our growing product security team, you'll leverage your proven experience and...

• Identify and design risk-remediating security requirements
• For all software and firmware development in HCE, support secure lifecycle process activities including threat modeling, risk assessment, analysis of findings from penetration tests, and tools (e.g., SAST, SCA, Container vulnerability scans)
• Analyze cloud security misconfigurations and work with development team to perform remediations
• Build threat models and identify threats
• Track outstanding security issues and security exceptions to ensure that they are fixed
• Participate in PI planning, sprint planning, & daily standups with development teams to champion security in development backlog
• Initiate proactive collaboration with broader security teams to establish and mature security and data compliance by design / default best practices, including process improvement, providing feedback to security feature and risk repository, as well as expanding and updating security architecture and standardized requirement repositories
• Act as a subject matter expert for the product teams, understand and advise on enterprise policies and technical standards with specific regard to vulnerability management and secure configuration
• Execute secure product strategy working cross-functionally with leaders across the business
• Balance the product requirements and product security to ensure a stable product
• Advocate new methodologies, tools, and design paradigms
• Mentor junior members on the team
• Lead the product engineering team to develop secure, high quality, scalable, and extensible products in accordance with the SDLC and per the product roadmap