As Carrier emerges as an independent, standalone company, the Carrier Technology and Engineering organization is transforming. This new multi-disciplinary organization will ensure Carrier's lead position in the market through investments in advanced research, technologies and methods that will shape the future of our products. We are looking for top talent that can lead research activities in specific disciplines, and drive results into our business units, our products, and ultimately deliver value for our valued customers.
Willis Carrier invented the first modern air-conditioning system in 1902 and changed how people live, work, and play. Today, Carrier needs your talent to build upon this legacy and to deliver what's next for the modern world.
Carrier is seeking a highly motivated and results driven Product Cyber Security Architect to join and enhance the Product Cyber Security team. The team is responsible for driving the product cyber security strategy to strengthen the cyber security posture of legacy and go-forward Carrier products and services. The position covers different aspects of the product life cycle, including pre-development, development and post-release.
Roles & Responsibilities:
The candidate will:
- Support various global teams across Carrier in the threat modeling and architectural review of product design and continuously ensure the risks are being reduced to an acceptable level
- Work with global teams to ensure commitment to the cyber security strategy of minimizing flaws and improving product resiliency to cyber attacks by ensuring adherence to the integrated secure development lifecycle process and continually pursuing advanced cyber protection mechanisms
- Work with the global engineering teams to establish cyber security design policies and ensure that these policies are incorporated into product design, with requirements traceability and system validation and verification
- Interface with global teams and share best practices and lessons learned
Education / Experience / Qualifications:
- Bachelor of Science/Engineering in cyber security, computer science or a related engineering discipline (at a minimum)
- 6+ years of cyber security engineering and software systems development experience
- 4+ years solid experience with fine granularity threat modeling and risk assessment using various tools such as ThreatModeler and Microsoft Threat Modeling Tool
- In-depth experience and knowledge of requirements capture and systematic discovery of threats, as a part of Secure Development Lifecycle
- Knowledge of various cryptographic systems and requirements for authentication, authorization and encryption for various types of systems, including TPM, TrustZone and secure boot chaining
- Knowledge of different types of security vulnerabilities and safeguards at different layers of hierarchical systems, including the embedded layer and system layer
- Knowledge of state of the art security analysis tools and various product cyber security safeguards.
- Excellent written and verbal communication and presentation skills
- Cyber Security certifications such as OSCP, CEH, CISSP, GSEC is a plus