Quantcast
Employer: Sign In or Register

Product Cyber Security Process Management Lead

Pratt & Whitney


Location:
Farmington, CT
Date:
06/23/2017
2017-06-232017-07-22
Job Code:
48963BR
Categories:
  • Mechanical Engineering - Applied Mechanics
Apply on the Company Site
  •  
  • Save Ad
  • Email Friend
  • Print
  • Research Salary

Job Details

Product Cyber Security Process Management Lead Description at United Technologies Corporation

Product Cyber Security Process Management Lead

Business Unit UTC Climate Controls & Security Job ID 48963BR Date posted 05/10/2017 City Farmington State Connecticut Country United States
The Systems and Controls Technologies group, a group operating at the headquarters level of CCS and Otis, the two commercial divisions of United Technologies, is seeking a highly motivated and results driven Cyber Security Process Management Lead to join and enhance the Product Cyber Security team. The team is responsible for driving the product cyber security strategy to strengthen the cyber security posture of legacy and go-forward CCS and Otis products. Though it has some overlap with IT, the position is not an IT related position. The focus is on the products and services designed, manufactured and sold by CCS and Otis. The position is primarily related to the management of all aspects of the product life cycle, including pre-development, development and post-release.

The Systems and Controls group is responsible for developing leading technology for device and building control solutions, and deploying state of the art development tools & methodologies to support cross-business unit initiatives. The position will be based in Farmington, CT. The successful candidate will be required to travel approximately 20% of the time.

SPECIFIC FUNCTIONS / ESSENTIAL DUTIES

  • Work with global teams across CCS and Otis to ensure commitment to the cyber security strategy of minimizing flaws and improving product resiliency to cyber attacks by ensuring adherence to the integrated secure development lifecycle process
  • Work with the global engineering teams to establish cyber security design policies and ensure that these policies are incorporated into product design, with requirements traceability and system validation and verification.
  • Develop and maintain detailed plans for legacy product assessment and remediation, creating risk categories and prioritizations and closely working with the business units to develop a clear plan of action
  • Establish team of external partners, including industry and academia, to ensure timely completion of various aspects of the standard work
  • Refine and support the standard work associated with product cyber security incident response management
  • Communicate with management about the legal and regulatory requirements for cyber-security, risk assessments on new product introductions and new technological adoption.
  • Stay updated on latest cyber security hacking news, technologies and methodologies including:
    • The latest attack methodologies including penetration testing and red-team methodologies.
    • Latest forensic and incident response methodologies.
    • Attend security or hacker conferences and build up a network of associates

  • Prepare and present program status updates for senior management and key stakeholders.
  • Work in an environment of continuous improvement and lean process and product development.
Qualifications
  • In-depth experience and knowledge of requirements capture, cyber security threat modeling and systematic discovery of threats, as a part of Secure Development Lifecycle
  • Knowledge of different types of security vulnerabilities and safeguards at different layers of hierarchical systems, including the embedded layer and system layer
  • Intimate knowledge and experience with incident response management of cyber security reported as well as self-discovered vulnerabilities
  • Experience in program management or engineering project leadership of complex systems from the conceptual stage through to production for a global market. Intimate knowledge of software development methodologies and the software development lifecycle in agile as well as staged-gate process
  • Understanding of Earned Value Management and ability to utilize computer-based project management tools such as with MS Project.
  • Experience with, or a strong understanding of quality control processes, tools, and methodology.
  • Knowledge of state of the art security analysis tools and various product cyber security safeguards. These include threat modeling, source code analysis, dynamic analysis, penetration testing and audit/compliance tools
  • Superior communication skills required. Adept at communicating with globally disperse cross functional teams of design, marketing, service, manufacturing, aftermarket and R&D, including non-native English speaking team members.
  • Prior development background in various languages such as C,C++, C#, Java, Python
Education Bachelor of Science Engineering +10 years’ experience required or MS/PhD Engineering with 5+ years of experience preferred. Candidates with MBAs would be preferred.

EEO/AAP Statement
United Technologies Corporation is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability or protected veteran status.

Apply on the Company Site

Pratt & Whitney is a recognized leading producer of the world's most advanced jet engines. This is your opportunity to join a company steeped in history yet focused on the future by developing engines that provide step-change improvements for the next generation of commercial aircraft and fifth generation military aircraft. Pratt & Whitney, a pioneer in flight and technology, is part of the United Technologies Corporation (UTC) family. UTC is a Fortune 50 company located in over 4,800 locations in approximately 80 countries with $65.2 billion in revenues in 2014.

 

Featured Employers[ View All ]