Senior Principal Product Cybersecurity Architect
1 week ago
What you will do
The future is being built today, and Johnson Controls is making that future more productive, more secure and more sustainable. We are harnessing the power of cloud, data analytics, the Internet of Things, and user design thinking to deliver on the promise of intelligent buildings and smart cities that connect communities in ways that make people's lives – and the world – better.
In this career defining opportunity within the Global Product Security organization, you will drive continuous improvement initiatives aligned to our cybersecurity maturity framework and roadmap, ensuring proactive management of security and data privacy risk across the full lifecycle of our products, platforms, and service offerings. You will apply your expertise in secure software development practices to ensure security and privacy by design requirements are fulfilled and that products are released to market with strong cybersecurity as a core feature. In this role, you will play a pivotal role in managing cybersecurity risk, differentiating Johnson Controls, and enabling business success.
How you will do it
Provide cybersecurity expertise and guidance to product development teams, security champions, and business leaders throughout all phases of the software development life cycle. Drive policy compliance and high quality for secure SDLC activities -- security requirements, security architectures, threat and attack models, supply chain security, code reviews, SAST, DAST, IAST, penetration testing, and security hardening. Architect security and privacy by design and secure-by-default into software applications for mobile, embedded systems, and cloud. Periodically assess security policies, standards, and metrics to drive improvements that help Johnson Controls adapt to evolving regulatory, customer, and threat environments. Drive efforts to quantify residual product risk and identify appropriate security controls. Drive efforts to advance innovative security features, capabilities, and practices. Review product architectures for security design gaps and vulnerabilities and consult with product teams to remediate or mitigate cyber risk. Assist coordination of third party penetration testing vendor engagements with product teams. Help engineers and product managers identify solutions to meet cybersecurity requirements. Help business unit leaders understand security risks and participate in project resource planning. Maintain current knowledge of security threats and vulnerabilities that could impact products. Support incident response operations, training, and exercises, including exploitation analysis and countermeasure testing. Assist coordination and tracking of vulnerability remediation activities. Raise security awareness and drive security training and certification for people and products. Support periodic reporting to senior executive leadership on health and status of the product security program, cybersecurity risks, risk mitigations, and trends. Use agile project management to manage resources and track milestones and deliverables. Support company response to customer audits and inquiries pertaining to product security. Support internal audits and assessments to identify risks and determine mitigation actions. Identify cybersecurity opportunities that enhance the developer and customer experience. Support product security committees, boards, councils and working groups. Support cybersecurity risk and technology assessments. Speak at customer-facing events and present at conferences.What we look for
Technical and operational excellence, thought leadership, and integrative thinking. Expert knowledge and practical product and software security experience, including secure SDLC practices, security and privacy by design architectures, and secure by default configurations. Strong problem-solving skills to analyze cybersecurity issues and requirements (legal/regulatory, policy, customer, industry standards) and relate them to appropriate security controls. Experience supporting software security governance and compliance activities, i.e. metrics, assessments, audits, exercises, risk frameworks, and maturity models. Demonstrated ability to lead change initiatives that intelligently manage software cyber risks. Proven ability to deliver results using agile methodologies and tools (e.g. Scrum/Kanban, Jira). Understanding of Product Security Incident Response Team (PSIRT) processes and activities. Understanding of agile software development and continuous integration/deployment. Practical experience with Linux OS, programming and scripting languages (e.g. Java, Python, Perl), and security tools (e.g. Kali, Nessus, Netsparker, openVAS, BurpSuite, Metaspolit). Understanding of embedded systems architectures (e.g. ARM, Cortex), embedded systems tools/emulators, RTOS/Linux, network protocols and programming languages (such as C/C++). Understanding of penetration testing, reverse engineering, software attack vectors, fault injection, device fingerprinting, and tamper resistance. Understanding TPM, Secure Boot, OTP, PKI, SPI/I2C bus analyzers, JTAG probing. Knowledge of current security threats and techniques for exploiting software vulnerabilities. Understanding of web and mobile application secure design principles such as OWASP. Understanding of data protection, secure cloud, and network infrastructure design principles. Familiarity with technology risk management related frameworks such as RMF, NIST 800-53, ISA/IEC 62443, UL CAP, ISO 27001, GDPR, CSL, CSA, SOC 2 and other comparable. Experience with Operational Technologies (e.g. Controls Systems, Building Management) a plus. Superior interpersonal, organizational, written/verbal communication, and presentation skills. Ability to build trust with stakeholders and explain complex security topics to all audiences. Active participation in hackathons, cybersecurity competitions, and exercises are a plus. CSSLP, CISSP, CCSP, OSCP, CEH or related cybersecurity certifications. Bachelors degree in Cybersecurity, Computer Science, Engineering, Information Systems, or related technical degree. Masters degree is preferred. Minimum of 10 years of experience with at least 6 years in software or product cybersecurity. Travel is occasional at approximately 10%, including international.-
Principal Product Cybersecurity Architect
1 week ago
Bengaluru, Karnataka, India Johnson Controls Full timeWhat you will do The future is being built today, and Johnson Controls is making that future more productive, more secure and more sustainable. We are harnessing the power of cloud, data analytics, the Internet of Things, and user design thinking to deliver on the promise of intelligent buildings and smart cities that connect communities in ways that...
-
Senior Principal Cybersecurity Consultant
1 week ago
Bengaluru, Karnataka, India CYFIRMA Full timeCYFIRMA is the fastest-growing cybersecurity start-up delivering a complete near real-time view of external cyber threats and risks. We are an external threat landscape management platform company. We combine cyber intelligence with attack surface discovery and digital risk protection to deliver an early warning, personalized, contextual, outside-in, and...
-
Principal Product Cybersecurity Architect
1 week ago
Bengaluru, Karnataka, India Johnson Controls International Full timeWhat you will doThe future is being built today, and Johnson Controls is making that future more productive, more secure and more sustainable. We are harnessing the power of cloud, data analytics, the Internet of Things, and user design thinking to deliver on the promise of intelligent buildings and smart cities that connect communities in ways that make...
-
Cybersecurity Architect
1 week ago
Bengaluru, Karnataka, India Volvo Group Full timeTransport is at the core of modern society. Imagine using your expertise to shape sustainable transport solutions for the future? If you seek to make a difference on a global scale, working with next-gen technologies and the sharpest collaborative teams, then we could be a perfect match.Who we are and what we believe inGroup Trucks Technology are seeking...
-
Cybersecurity Architect
1 week ago
Bengaluru, Karnataka, India Fidelity International Full timeAbout the OpportunityJob Type: PermanentApplication Deadline: 30 June 2024Job Description:Title Cybersecurity ArchitectDepartment Global Cyber and Information SecurityLocation Bangalore IndiaReports To Senior Technical Consultant Cybersecuirty ArchitetcureLevel 6We're proud to have been helping our clients build better financial futures for over 50 years....
-
Principal Eng, Cybersecurity
1 week ago
Bengaluru, Karnataka, India Scalene works Full timeAs Sr Principal Engineer, own and direct the cybersecurity design and analysis of multiple medical devices. Resolve difficult problems, from conception to final design with team input. Plan, lead, and deliver project assignments in the evaluation, selection and adaptation of various cybersecurity engineering techniques, procedures, and criteria with minimal...
-
Principal Eng, Cybersecurity
1 week ago
Bengaluru, Karnataka, India Scalene works Full timeAs Sr Principal Engineer, own and direct the cybersecurity design and analysis of multiple medical devices. Resolve difficult problems, from conception to final design with team input. Plan, lead, and deliver project assignments in the evaluation, selection and adaptation of various cybersecurity engineering techniques, procedures, and criteria with minimal...
-
Principal Architect
1 week ago
Bengaluru, Karnataka, India Palo Alto Networks Full timeCompany DescriptionOur MissionAt Palo Alto Networks everything starts and ends with our mission:Being the cybersecurity partner of choice, protecting our digital way of life.Our vision is a world where each day is safer and more secure than the one before. We are a company built on the foundation of challenging and disrupting the way things are done, and...
-
Cybersecurity Architect
1 week ago
Bengaluru, Karnataka, India HCLSoftware Full timePosition Overview:The Security Architect will be responsible for providing architectural and technical guidance for infrastructure and product security across the HCL SW division as well as all HCL SW offerings. The Security Architect will design, planand develop documentation to support secure engineering practices. This critical role will identify and lead...
-
Cybersecurity Architect
1 week ago
Bengaluru, Karnataka, India HCLSoftware Full timePosition Overview: The Security Architect will be responsible for providing architectural and technical guidance for infrastructure and product security across the HCL SW division as well as all HCL SW offerings. The Security Architect will design, plan and develop documentation to support secure engineering practices. This critical role will identify and...
-
Senior Principal FPGA Architect
1 week ago
Bengaluru, Karnataka, India Mulya Technologies Full timeSenior Principal FPGA ArchitectLocation: BangaloreJob Description:Ø As a Senior Principal Engineer/Architect will be working on our existing and next generation Protocol Analysers and similar products.Ø Opportunity to develop a new product to top 10 semiconductor companies to test their next generation productsØ The role involves contributing to the...
-
Senior Software Engineer-Cybersecurity
1 week ago
Bengaluru, Karnataka, India Siemens Healthcare Private Limited Full timeSenior Software Engineer -Cybersecurity In therole of Senior Software Engineer-Cybersecurity in the Ultrasound product development team, yourprimary responsibilities are: Support Security Vulnerability Patch deliveries for Ultrasoundproduct lines and Third-party software management. Mentoring of new resources for Product Security and...
-
Principal Cybersecurity Software Engineer
1 week ago
Bengaluru, Karnataka, India Advanced Sterilization Products Full timeOffice Address : #16 Salarpuria Premia (Opp. Cessna Business Park), Sarjapur Outer Ring Road (ORR), Bangalore 560103SummaryThe ASP Principial Cybersecurity Software Engineer will have a measurable impact in ensuring ASP's success in the application and development of security measures including ensuring their efficiency in combination with security audit and...
-
Senior Software Engineer-Cybersecurity
1 week ago
Bengaluru, Karnataka, India Siemens Healthcare Private Limited Full timeSenior Software Engineer CybersecurityIn therole of Senior Software Engineer-Cybersecurity in the Ultrasound product development team, yourprimary responsibilities are:Support Security Vulnerability Patch deliveries for Ultrasoundproduct lines and Third party software management.Mentoring of new resources for Product Security and VulnerabilityManagementWork...
-
Principal Cybersecurity Software Engineer
1 week ago
Bengaluru, Karnataka, India Advanced Sterilization Products Full timeOffice Address : #16 Salarpuria Premia (Opp. Cessna Business Park), Sarjapur Outer Ring Road (ORR), Bangalore Summary The ASP Principial Cybersecurity Software Engineer will have a measurable impact in ensuring ASP's success in the application and development of security measures including ensuring their efficiency in combination with security audit and...
-
Principal Cybersecurity Software Engineer
1 week ago
Bengaluru, Karnataka, India Advanced Sterilization Products Full timeOffice Address : #16 Salarpuria Premia (Opp.Cessna Business Park), Sarjapur Outer Ring Road (ORR), Bangalore Summary The ASP Principial Cybersecurity Software Engineer will have a measurable impact in ensuring ASP's success in the application and development of security measures including ensuring their efficiency in combination with security audit and...
-
Cybersecurity Architect
1 week ago
Bengaluru, Karnataka, India Alstom Full timeReq ID:446153 We create smart innovations to meet the mobility challenges of today and tomorrow. We design and manufacture a complete range of transportation systems, from high-speed trains to electric buses and driverless trains, as well as infrastructure, signalling and digital mobility solutions. Joining us means joining a truly global community of more...
-
Cybersecurity Architect
3 months ago
Bengaluru, Karnataka, India Alstom Full timeReq ID:446153 We create smart innovations to meet the mobility challenges of today and tomorrow. We design and manufacture a complete range of transportation systems, from high-speed trains to electric buses and driverless trains, as well as infrastructure, signalling and digital mobility solutions. Joining us means joining a truly global community of more...
-
Cybersecurity Architect
1 week ago
Bengaluru, Karnataka, India Alstom Full timeReq ID:446153 We create smart innovations to meet the mobility challenges of today and tomorrow. We design and manufacture a complete range of transportation systems, from high-speed trains to electric buses and driverless trains, as well as infrastructure, signalling and digital mobility solutions. Joining us means joining a truly global community of...
-
Principal Cybersecurity Software Engineer
1 week ago
Bengaluru, Karnataka, India Advanced Sterilization Products Full timeResponsibilities ·Lead, architect, design, develop, document and support high performance ASP products for enterprise-class security systems and medical applications from requirements to production with a focus on security measures and implementation. ·Directly accountable for the oversight and implementation of the ASP Cybersecurity policy for the...
