Product Security Officer
Location: East Hartford, Connecticut US
Job Number: 7820
Businesses Pratt & Whitney Job ID 01290396 Date posted 01/30/2019 City East Hartford State Connecticut Country United States
United States of America
PW100: East Hartford 400 Main Street, East Hartford, CT, 06118 USA
Do you feel fulfilled when you help others succeed? Are you fascinated by the way the people learn and grow? Have you considered what it may be like to work at Pratt & Whitney? If so, we want to hear from you! We have an excellent opportunity for a talented Product Security Officer in East Hartford, CT.
Would you like to be part of an evolving, globally diverse company that's moving fast to craft the future of aviation? Customers all over the world depend on our technology and the people behind it. As a part of our team you'll help answer today's challenges in powered flight while crafting and supporting tomorrow's solutions.
As a recognized leading producer of the world's most powerful jet engines, we strive to find dedicated individuals to support our organization. If you aspire to contribute to a dynamic environment and possess the motivation to convert new ideas into practice, this may be the opportunity you've been looking for.
As excellent physical products like jet engines get "smarter" and become increasingly connected, security becomes increasingly meaningful. The mission of the newly created Product Security Officer is to ensure the digital security of Company products by (1) ensuring that security is built into the products before they ship, (2) operationally understanding risk to our products on a day-to-day basis, and (3) ensuring that we have a strong Product Security Incident Response Team (PSIRT) to respond effectively and quickly to any product security issues.
As Product Security Officer, you'll be responsible for coaching and advising product teams across the engineering function on how to build security into their products, and how to handle incidents when things go wrong. This includes coaching engineering teams on the digital security discipline, technical architectures, business processes, and risk management frameworks needed to do security right in products through the entirety of the product lifecycle from inception through "end of life".
- You will handle and develop a team of advisors who are engineers able to effectively evaluate technical risks on security architecture and code quality
- Build credibility and trust with other engineers, helping them while working side by side while coaching them on how to build security into products
- You will hire and lead a team of software engineering consultants and business risk professionals who understand a broad range of software engineering methodologies including both agile and waterfall, and who can effectively evaluate & articulate risk in practice as product teams & incident response teams continually improve their software engineering & product security talent, processes, and tooling
- Help executives understand and scale the risks which their teams are running, and similarly understand the best opportunities for fastest & most efficient improvement
- You will need to have experience with security risk evaluation in advisory or consulting capacities
- Ability to quickly build and lead small teams which become widely trusted
- Ability to rapidly learn deeply technical subjects, such as product security, and keep abreast with fast moving industries, such as security
- Understanding of both agile and waterfall software development processes since many product teams are already agile and many product teams are earlier in that journey
- Leadership and project management skills
- Executive presence, whether in the boardroom, or 1:1 with business and engineering executives
- Ability to serve partners with large, geographically distributed teams
- B.S. in Computer Science or Electrical Engineering
- 8 years' of electronic computer experience with greater responsibility progressing from beginning of career to present day. Starting as a programmer in software security (where significant, positive results were achieved), progressing to a manager and perhaps on to a leader of multiple areas/departments within the confines of this discipline.
- United States Citizen due to Government Contracts
- Ability to obtain a US Government Security Clearance
- Advanced degree preferred
- Experience leading change through establishing teams of reciprocal, useful, compassionate, patient, and deeply talented coaches
- Experience leading software engineering, or a track record of success, advising software engineering teams
- Experience with software and security engineering maturity and security risk evaluation models, including familiarity with the advantages and disadvantages of each. (risk analysis)
- Experience with security architecture at scale, and fluent in a broad range of relevant product security architectures, principles, components, and protocols
- Familiarity with multiple Secure Development Lifecycle (SDL/SDLC) methodologies, either as practiced and published by leading software companies, or other organizations such as SAFECode, OWASP/SAMM, BSIMM, NIST 800-64, SSE-CMM, FAA/iCMM, and others
- Familiarity with multiple product security compliance and strategy frameworks, along with the advantages and disadvantages of each
- Experience with threat modeling, penetration testing and cyber security tools
- Experience with embedded systems companies and/or physical product companies
- An outstanding combination of risk-tolerance, impatience, optimism, compassion, and vision, and a burning desire to make a difference
United Technologies Corporation is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.
Click on this link to read the Policy and Terms
United Technologies Corporation is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age, or any other federally protected class.
Job Number: 01290396
Community / Marketing Title: Product Security Officer
Location_formattedLocationLong: East Hartford, Connecticut US