Field Cybersecurity Operations Manager

Yesterday

Apply Now

Receive Emails with Similar Jobs

Johnson Controls

WebsiteLinkedInAll Job Openings

Engineering • Manufacturing Operations • Sales • Building Automation • Fire & Hazard Protection

10,000+

Description

• Drive a transformational cybersecurity program to reduce cybersecurity risk for customers’ smart building system deployments. • Establish and manage lifecycle best practices, policies, standards and processes for product installation, servicing and support. • Create cybersecurity resources for program communications and training across Johnson Controls’ globally for a multi-domain product portfolio (e.g. Controls, Fire, Physical Security, Chiller, Connected Digital Solutions). • Measure success by maintaining risk metrics associated with the install base and field security practices. • Establish governance program for field cybersecurity operations. • Develop and maintain field cybersecurity operations policies, standards and processes to support program goals. • Maintain compliance requirements including product hardening, secure connectivity, user management and end-of-life. • Work with key stakeholders and leadership to ensure sponsorship, alignment and adoption of program initiatives. • Maintain a partnership with field operations teams to deploy training, communicate cyber guidance, and collect input and data on cyber aspects of field operations. • Coordinate across multiple functions (field operations, product support, sales channels, product development, product security, and information security) to meet customer and company expectations and timelines. • Maintain easy to follow product cybersecurity architectures and product safeguard feature lists. • Provide solution architecture support for customer engagements. • Periodically report to senior leadership on program health and status. • Anticipate business and industry regulatory issues to address field requirements proactively. • Coordinate with legal and other regulatory and compliance groups to ensure company compliance with key laws, regulations, and certifications. • Create training resources to drive internal and external awareness and compliance. • Support customer related compliance, vulnerability management, incident response, and risk management. • Define, gather, and monitor meaningful metrics and establish associated tooling for compliance and continuous improvement. • Participate in cybersecurity committees, boards, councils and working groups.

Requirements

• Minimum of 8 years of professional work experience in cybersecurity governance, risk and compliance role or cybersecurity solution architecture role • BS/BA in cybersecurity, computer science, engineering, or related technical degree • Experience with Smart Building Technologies (e.g. Controls Systems, Building Management) • Knowledge of cybersecurity compliance, regulations, industry standards and certifications • Excellent problem-solving skills to analyze customer cyber issues and requirements (regulatory, policy, customer, industry standard) and link to appropriate cybersecurity controls • Track record of building cohesive teams and collaborating successfully with other functions • Technical and operational excellence, thought leadership, integrative thinking, and passion • Experience with technology related compliance and risk management related frameworks such as RMF, NIST 800-53, ISA/IEC 62443, UL CAP, ISO 27001, GDPR, CSL, SOC 2 or other comparable. • Experience with driving transformation within an organization. • Technical project management experience using agile methodologies • Ability to create cybersecurity solution architectures for building systems as designed • Experience incorporating solutions into customer environments for secure local and remote operations • Ability to assess and translate requirements from various sources into practical plans/schedules • Strong interpersonal skills to influence stakeholder at all levels of the organization • Customer relations acumen with ability to explain complex technical details to a wide audience • Superior skill in written and verbal communications as well as planning/delivering presentations • Cybersecurity certifications, e.g. CISSP, GSEC, Sec+, or related are preferred.

Benefits

• Competitive salary and bonus plan • Paid vacation/holidays/sick time • Comprehensive benefits package including 401K, medical, dental, and vision care - Available day one • Extensive product and on the job/cross training opportunities with outstanding internal resources • Encouraging and collaborative team environment • Dedication to safety through our Zero Harm policy