Be an early applicantLess than 25 applicants

Company

Johnson Controls · 3 days ago

Sr. Product Cybersecurity Developer (Remote)

Milwaukee, WI

Full-time

Remote

Senior Level

7+ years exp

Maximize your interview chances

Industrial EngineeringPhysical Security

H1B Sponsor Likely

Hiring Manager

Michela John

Insider Connection @Johnson Controls

Discover valuable connections within the company who might provide insights and potential referrals.
Get 3x more responses when you reach out via email instead of LinkedIn.

Responsibilities

Coordinate with product leaders and functional teams across the company to drive adoption.

Manage a standard set of cyber software and hardware components used across product lines.

Provide technical leadership and guidance on translating cybersecurity requirements and architectural design into software and hardware capabilities.

Lead development of innovative cybersecurity prototypes and proofs of concept.

Architect security and privacy by design and secure-by-default into software applications for mobile, embedded systems, and cloud.

Evaluate utility and resiliency of cybersecurity components using integration and security assurance testing processes and capabilities.

Review product architectures for security design gaps and vulnerabilities and consult with product teams to remediate or mitigate cyber risk.

Support generation of intellectual property and submit patents to advance business objectives.

Collaborate with business leaders and engineering directors on security risks and opportunities.

Use Agile Project Management to manage resources and track milestones and deliverables.

Support customer audits and inquiries pertaining to our product cybersecurity program.

Identify cybersecurity opportunities that enhance the developer and customer experience.

Speak at customer-facing events and present at conferences.

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

CybersecuritySoftware SecuritySecure SDLCAgile MethodologiesLinux OSJavaPythonKaliNessusNetsparkerOpenVASBurpSuiteMetasploitEmbedded SystemsPenetration TestingData ProtectionRisk Management Frameworks

Required

Minimum of 7 years of experience with at least 5 years in software or product cybersecurity.

Bachelors degree in Cybersecurity, Computer Science, Engineering, Information Systems, or related technical degree.

Technical and operational excellence, thought leadership, and integrative thinking.

Expert knowledge and practical product and software security experience, including secure SDLC practices, security and privacy by design architectures, and secure by default configurations.

Strong problem-solving skills to analyze cybersecurity issues and requirements (legal/regulatory, policy, customer, industry standards) and relate them to appropriate security controls.

Demonstrated ability to lead change initiatives that intelligently manage software cyber risks.

Proven ability to deliver results using agile methodologies and tools (e.g. Scrum/Kanban, Jira).

Understanding of agile software development and continuous integration/deployment.

Practical experience with Linux OS, programming and scripting languages (e.g. Java, Python, Perl), and security tools (e.g. Kali, Nessus, Netsparker, openVAS, BurpSuite, Metasploit).

Understanding of embedded systems architectures (e.g. ARM, Cortex), embedded systems tools/emulators, RTOS/Linux, network protocols and programming languages (such as C/C++).

Understanding of penetration testing, reverse engineering, software attack vectors, fault injection, device fingerprinting, and tamper resistance.

Understanding TPM, Secure Boot, OTP, PKI, SPI/I2C bus analyzers, JTAG probing.

Knowledge of current security threats and techniques for exploiting software vulnerabilities.

Understanding of web and mobile application secure design principles such as OWASP.

Understanding of data protection, secure cloud, and network infrastructure design principles.

Familiarity with technology risk management related frameworks such as RMF, NIST 800-53, ISA/IEC 62443, UL CAP, ISO 27001, GDPR, CSL, CSA, SOC 2 and other comparable.

Superior interpersonal, organizational, written/verbal communication, and presentation skills.

Ability to build trust with stakeholders and explain complex security topics to all audiences.

Preferred

Experience with Operational Technologies (e.g. Controls Systems, Building Management) a plus.

Active participation in hackathons, cybersecurity competitions, and exercises are a plus.

Travel is occasional at approximately 10%, including international.

Benefits

Competitive salary and bonus plan

Paid vacation/holidays/sick time

Comprehensive benefits package including 401K, medical, dental, and vision care - Available day one

Extensive product and on the job/cross training opportunities with outstanding internal resources

Encouraging and collaborative team environment

Dedication to safety through our Zero Harm policy

Company

Johnson Controls

Glassdoor

3.6

Johnson Controls offers smart buildings that create safe, healthy, and sustainable environments.

Founded in 1885

Cork, Cork, IRL

10,001+ employees

http://www.johnsoncontrols.com

H1B Sponsorship

Johnson Controls has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)

Distribution of Different Job Fields Receiving Sponsorship

Represents job field similar to this job

Trends of Total Sponsorships

2023 (70)

2022 (87)

2021 (92)

2020 (70)