Product Security Governance Analyst

Country:

Location:

Carrier is the leading global provider of healthy, safe and sustainable building and cold chain solutions with a world-class, diverse workforce with business segments covering HVAC, refrigeration. We make modern life possible by delivering safer, smarter and more sustainable services that make a difference to people and our planet while revolutionizing industry trends. This is why we come to work every day. Join us and we can make a difference together.

About this role

Established Security Services professional. Carries out and oversees security protocols and analyzes daily activities and irregularities to enhance effectiveness of security monitoring, policies, and procedures.

Key Responsibilities:

• Supports all phases of the secure engineering, support and development lifecycles in collaboration with multifunctional leaders, stakeholders, contributors and businesses.

• Drives secure development principles, practices and activities within engineering and production in order to help quantify cybersecurity risk, issues and defects within Carrier offerings, such that teams may appropriately characterize, manage and remediate to standard.

• Coordinates with production in order to help scope projects, define cybersecurity requirements, perform gap analysis, refine functional requirements, and road map residual cyber risk.

• Provides audit, analysis, and review support for certification, standards, governance, process, infrastructure, deployment and all collaborative mission areas, Carrier brands and businesses.

• Supports ad hoc initiatives within the cybersecurity-engineering domain, as needed.

• Provides critical support as required for all major Product Security missions, including Secure Development, Operations and Innovation.

• Supports Product Security activities such as threat modeling, security assurance testing, cyber risk assessment, security reviews and threat vulnerability assessment for all offerings.

• Manage the delivery of the contracted scope and secure change orders for the expansion of scope, within budget, on-time and with a high level of customer satisfaction. 

• Coordinate project materials and the use of shared resources; identify resource constraints, and assist with corrective action plans to remedy any issues.

• Assess and audit security deliverables, ensuring compliance with industry standards and best practices. 

• Provide metrics on key performance indicators to confirm security assessments, risk analyses, and reporting project status at multiple levels. 

• Collaborate with stakeholders to define security requirements and deliverables. 

• Perform retrospectives and process improvements. 

• Manage projects following project processes and where applicable provide direction to assisting Project Engineers.

• Participate, manage and lead in security audits and assessments to ensure compliance with regulatory requirements and industry standards. 

• Create automation to execute templates on automation.

Required Qualifications:

• Bachelors degree

• 1+ years of experience in Software Development

• 1+ years of experience in Scripting and Automation

Preferred Qualifications:

• 1+ years of experience secure systems or controls preferred.

• Diverse technical domain experience is a plus.

• 1+ years of knowledge of secure software development lifecycle, practices and activities.

• Secure by design principles and architecture level security concepts.

• Excellent communication skills.

• Strong interpersonal skills with the ability to effectively support diverse groups, help negotiate priorities, and resolve conflicts among project stakeholders.

• Work with a globally diverse team.

• Contribute to the security and compliance of Carrier solutions.

• Create a marketable differentiation in cybersecurity.

• Align global regulations and industry direction to the Carrier portfolio.

#LI-Onsite

RSRCAR

Carrier is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.

Job Applicant's Privacy Notice:

Click on this link to read the Job Applicant's Privacy Notice