Lead Cloud Application Security Architect
The future is what you make it. When you join Honeywell, you become a member of our global team of thinkers, innovators, dreamers and doers who make the things that make the future. That means changing the way we fly, fueling jets in an eco-friendly way, keeping buildings smart and safe and even making it possible to breathe on Mars. Working at Honeywell isn’t just about developing cool things. That’s why all of our employees enjoy access to dynamic career opportunities across different fields and industries. Are you ready to help us make the future?
Honeywell Connected Enterprise (HCE) is a global leader for products and technologies that are installed in more than 10 million buildings, aircraft, and facilities worldwide. We are a pioneer in the Internet of Things, developing the next generation of connected offerings. Are you someone who wants to drive real improvements into real products in an environment which has a strong organizational support for product security?
In the role of Lead Cloud Application Security Architect for Forge Performance Plus product, you will join a growing Product Security team providing expertise in secure software, requirements, and architecture throughout all phases of the product lifecycle. The Lead Cloud Application Security Architect will report to the Senior Cyber Manager and will drive security baselines, processes, solutions, and risk reduction across a growing line of core product areas; providing mentorship to team members.
KEY RESPONSIBILITIES
·Conduct design review of the core platforms in building the best and most secure Honeywell products in Azure Cloud
·Drive secure product development using existing standards and practices, staying abreast of emerging threats, security practices, and technologies in the cloud
·Influence decision-makers and stakeholders, improve secure coding practices, security requirements, and design
·Regularly participate in PI Planning and Scrum Meetings to ensure that security is at the forefront of development and product management mind
·Provide product security assessment reports to the Senior Management, Development Managers and Product Managers on a regular basis
·Define and continuously improve Honeywell Secure SDLC process by simplifying and automating to match delivery speed of development teams
·Drive secure engagement and architecture including threat modeling, vulnerability and risk assessment, analysis of findings from penetration tests, and tools (e.g., SAST, SCA, Container vulnerability scans)
·Drive incident response investigation, ensure coordination for remediation plan and execution
·Scope and drive security testing of products, perform results assessments, and assist in remediation strategies with engineering
·Mentor and coach engineering and security architects in secure SDLC practices, train and engage security advocates
YOU MUST HAVE
·Bachelor’s degree
·8+ years of experience of application security architecture for any public cloud such as AWS, Azure, GCP
·5+ years of programming experience
WE VALUE
·Experience in architecting enterprise class high-volume high-performance software products
·Secure software development lifecycle (SSDLC) experience
·Rich software development background
·Certifications in Secure Software Lifecycle or Cloud Security demonstrating deep practical knowledge, such as CSSLP or CCSP
·Azure, AWS or GCP Security or Solutions Architecture Certifications
·Understanding of the challenges operating trusted infrastructure in public cloud environments, as well as on-premises.
·Ability to drive security concepts and practices into development teams, as well as communicate security risks, threats, and mitigation strategies
·Strong interpersonal skills with the ability to facilitate diverse groups, help negotiate priorities, and resolve conflicts among project partners
·Understanding of Agile software development practices
·In-depth knowledge and understanding of OWASP Top 10 and CWE Top 25 with experience in assessment and providing remediation strategies
·Experiences with DevOps (CI/CD) & SDLC
·Master’s degree
·Strong interpersonal skills with the ability to facilitate diverse groups, help negotiate priorities, and resolve conflicts among project partners
·Passion for achieving results and continual self-improvement
Location
Bangalore, IN