About Johnson Controls
The future is being built today, and Johnson Controls is making that future more productive, more secure, and more sustainable. We are harnessing the power of cloud, data analytics, the Internet of Things, and user design thinking to deliver on the promise of intelligent buildings and smart cities that connect communities in ways that make people’s lives – and the world – better.
We build smart building cybersecurity solution design and deployment. We promote effective risk management for secure digital and connected solutions across their operational lifecycle. As a consultant to our businesses, you will guide installation and service organizations through implementation of our security policies. You will foster sales, field, and customer success teams as they deliver a positive cybersecurity experience for our customers.
How you will do it
- Provide cybersecurity mentorship and assistance to solutions teams, security champions, support teams, and business leaders throughout all phases of customer projects.
- Ensure customer’s security and privacy requirements are identified, implemented, and maintained.
- Collaborate with solutions architects to incorporate security in projects by design from device to cloud to minimize risk.
- Work with project teams to deploy the design and implement hardening guidance. Help them mitigate residual risk.
- Influence requirements to facilitate customer cybersecurity acceptance. Ensure contract compliance and support security questionnaires, assessments, audits, and Site Acceptance Tests (SAT).
- Discover improvements for security policies, standards, and metrics to lead our adaptation to evolving regulatory, customer, and threat environments.
- Be an advocate for innovative security features, capabilities, and practices.
- Raise cybersecurity awareness and facilitate security training and certification.
What we look for
- Bachelor’s degree in Cybersecurity, Computer Science, Engineering, Information Systems, or related technical degree or equivalent experiences
- 6 years’ experience demonstrating knowledge and practical product and software security experience, including secure SDLC practices, security and privacy by design architectures, threat modeling, and secure by default configurations, supply chain security and security hardening.
- Experience implementing network segmentation, firewalls, and cloud computing architecture designs.
- Demonstrate your problem-solving skills analyzing cybersecurity issues and requirements (legal/regulatory, policy, customer, industry standards) and relate them to appropriate security controls.
- How do you supervise compliance activities, i.e. metrics, assessments, audits, exercises, risk frameworks, and maturity models?
- You can lead change initiatives that intelligently minimize software cyber risks.
- Outstanding interpersonal, organizational, written/verbal communication, and presentation skills.
- You build trust with partners and explain sophisticated security topics to all audiences.
- Experience with Operational Technologies (e.g. Controls Systems, Building Management).
- Knowledge of modern secure networking technologies such as zero-trust solutions.
- Familiarity with technology risk management related frameworks such as RMF, NIST 800-53, ISA/IEC 62443, UL CAP, ISO 27001, GDPR, CSL, SOC 2 or other comparable.
- Understanding of penetration testing, reverse engineering, software attack vectors, fault injection, device fingerprinting, and tamper resistance.
- CSSLP, CISSP, CCSP, OSCP, CEH, or related cybersecurity certifications.