Role Overview Johnson Controls is looking for a highly skilled and experienced Technical Support Lead - Web to take end-to-end ownership of the organization's global web landscape, comprising a diverse mix of legacy and modern web platforms. These websites are built using multiple technologies (CMS platforms, custom frameworks, static sites, legacy architectures) and are hosted across internal infrastructure as well as third-party vendor environments.
This role is critical in establishing a centralized governance model to ensure that every web property adheres to enterprise-grade standards for security, performance, availability, and compliance. The individual will have accountability for web support functions and will proactively mitigate risks, enhance digital experience quality, and drive operational excellence across the ecosystem.
You will collaborate closely with security teams, infrastructure teams, digital marketing, and external vendors, ensuring alignment with Johnson Controls' policies, while continuously improving the reliability and performance of all public-facing digital assets.
Key Responsibilities 1. Web Landscape Ownership & Governance - Own the lifecycle management of the global web ecosystem, including inventory, architecture visibility, and operational health
- Establish, maintain, and enforce enterprise-wide governance frameworks, standards, and guardrails for web platforms
- Develop and maintain a centralized catalog of all websites, including technology stack, hosting model, ownership, and criticality
- Standardize operational processes, documentation, and compliance checkpoints across all web properties
2. Security, Risk Management & Compliance - Ensure all web applications adhere to Johnson Controls' security policies and global compliance requirements
- Continuously identify and remediate security vulnerabilities, misconfigurations, and outdated dependencies
- Oversee implementation and governance of security layers such as WAF, SSL/TLS, DDoS protection, and access controls
- Partner with cybersecurity teams to conduct periodic audits, penetration testing, and vulnerability assessments
- Define and enforce incident response protocols for security breaches and ensure timely mitigation
- Track and report risk posture and compliance status across the web ecosystem
3. Vendor & Stakeholder Management - Serve as the primary point of contact for all external vendors hosting or managing Johnson Controls web properties
- Ensure vendors strictly adhere to security standards, SLAs, contractual obligations, and performance benchmarks
- Conduct regular vendor reviews, audits, and compliance checks
- Collaborate with procurement, legal, and security teams to ensure vendor governance alignment
- Drive accountability and continuous improvement through KPIs, scorecards, and operational reviews
4. Performance Monitoring & Optimization - Define and monitor Core Web Vitals and other key performance indicators across all websites
- Establish baseline benchmarks aligned with industry standards for performance, SEO, and accessibility
- Implement tools and frameworks to track real user metrics (RUM) and synthetic monitoring
- Identify performance bottlenecks and lead initiatives to optimize page load times, responsiveness, and stability
- Work with development and infrastructure teams to implement performance best practices
5. Incident Management & Production Support - Act as the lead escalation point for any web-related incidents impacting availability, performance, or security
- Define and manage incident management processes, including prioritization, triaging, and escalation matrices
- Ensure effective monitoring, alerting, logging, and observability strategies are in place
- Lead root cause analysis and drive permanent fixes to prevent recurrence
- Ensure adherence to SLAs for incident resolution and uptime commitments
6. Continuous Improvement & Modernization - Evaluate the current web ecosystem to identify technical debt, redundancies, and modernization opportunities
- Drive initiatives to consolidate, optimize, and modernize legacy platforms
- Introduce automation for monitoring, reporting, compliance checks, and operational efficiency
- Promote adoption of modern web practices (headless CMS, edge hosting, CI/CD pipelines, etc.)
- Foster a proactive support culture, shifting from reactive issue handling to predictive prevention
7. Reporting & Metrics - Develop dashboards and reports capturing:
- Security posture and vulnerability trends
- Website performance and Core Web Vitals
- Incident trends and resolution timelines
- Present insights and recommendations to senior leadership and stakeholders
- Drive data-backed decisions to continuously improve the web ecosystem
Required Qualifications - Bachelor's degree in Computer Science, Information Technology, or a related discipline
- 10+ years of experience in web technologies, digital platforms, or production support roles
- Web architectures (CMS platforms, headless, microservices, monoliths)
- Hosting environments (cloud, on-prem, CDN, edge networks)
- Web security principles (OWASP, WAF, SSL, DDoS protection, IAM)
- Proven experience in managing large-scale, multi-vendor web ecosystems
- Hands-on experience with monitoring tools, performance tuning, and incident management
- Experience with enterprise platforms such as Sitecore, or similar CMS solutions
- Familiarity with Core Web Vitals tools (Google Lighthouse, PageSpeed Insights, etc.)
- Knowledge of modern frontend frameworks (React, Next.js) and DevOps practices (CI/CD pipelines)
- Exposure to cloud platforms (Azure, AWS, GCP) and edge hosting providers (e.g., Vercel, Akamai, Cloudflare)
- Strong leadership with the ability to drive cross-functional alignment
- Deep understanding of risk management and compliance frameworks
- Analytical mindset with a focus on data-driven insights and decisions
- Ability to manage complex, distributed environments with multiple stakeholders
- Effective communication skills for both technical and non-technical audiences
