J

Field Cybersecurity Operations Manager (Remote)

Johnson Controls
Full-time
Remote
United States

Build your best future with the Johnson Controls team

As a global leader in smart, healthy and sustainable buildings, our mission is to reimagine the performance of buildings to serve people, places and the planet. Join a winning team that enables you to build your best future! Our teams are uniquely positioned to support a multitude of industries across the globe. You will have the opportunity to develop yourself through meaningful work projects and learning opportunities. We strive to provide our employees with an experience, focused on supporting their physical, financial, and emotional wellbeing. Become a member of the Johnson Controls family and thrive in an empowering company culture where your voice and ideas will be heard – your next great opportunity is just a few clicks away!

What we offer

Competitive salary and bonus plan
Paid vacation/holidays/sick time
Comprehensive benefits package including 401K, medical, dental, and vision care - Available day one
Extensive product and on the job/cross training opportunities with outstanding internal resources
Encouraging and collaborative team environment
Dedication to safety through our Zero Harm policy
Check us Out: Day in the Life of the Building of the Future https://youtu.be/pdZMNrDJviY

What you will do

As a field cybersecurity operations manager, you will drive a transformational cybersecurity program to reduce cybersecurity risk for our customers’ smart building system deployments. This role will establish and manage lifecycle best practices, policies, standards and processes for product installation, servicing and support.

You will be responsible for creating cybersecurity resources for program communications and training across Johnson Controls’ globally for a multi-domain product portfolio (e.g. Controls, Fire, Physical Security, Chiller, Connected Digital Solutions). You will measure success by maintaining risk metrics associated with the install base and field security practices.

A comprehensive knowledge of Johnson Controls’ products, their deployment architectures, safeguards and hardening will be crucial for success in this role.

How you will do it

  • Establish governance program for field cybersecurity operations

  • Develop and maintain field cybersecurity operations policies, standards and processes to support program goals.

  • Maintain compliance requirements including product hardening, secure connectivity, user management and end-of-life.

  • Work with key stakeholders and leadership to ensure sponsorship, alignment and adoption of program initiatives.

  • Maintain a partnership with field operations teams and the field champion network to deploy training, communicate cyber guidance, and collect input and data on cyber aspects of field operations.

  • Coordinate across multiple functions (field operations, product support, sales channels, product development, product security, and information security) to meet customer and company expectations and timelines.

  • Maintain easy to follow product cybersecurity architectures and product safeguard feature lists.

  • Provide solution architecture support for customer engagements.

  • Periodically report to senior leadership on program health and status.

  • Anticipate business and industry regulatory issues to address field requirements proactively.

  • Coordinate with legal and other regulatory and compliance groups to ensure the company is compliant with key laws, regulations, and certifications.

  • Create training resources to drive internal and external awareness and compliance.

  • Support customer related compliance, vulnerability management, incident response, and risk management

  • Define, gather, and monitor meaningful metrics and establish associated tooling for compliance and continuous improvement.

  • Participate in cybersecurity committees, boards, councils and working groups.

What we look for

Required

  • Minimum of 8 years of professional work experience in cybersecurity governance, risk and compliance role or cybersecurity solution architecture role

  • BS/BA in cybersecurity, computer science, engineering, or related technical degree

  • Experience with Smart Building Technologies (e.g. Controls Systems, Building Management)

  • Knowledge of cybersecurity compliance, regulations, industry standards and certifications

  • Excellent problem-solving skills to analyze customer cyber issues and requirements (regulatory, policy, customer, industry standard) and link to appropriate cybersecurity controls

  • Track record of building cohesive teams and collaborating successfully with other functions

  • Technical and operational excellence, thought leadership, integrative thinking, and passion

  • Experience with technology related compliance and risk management related frameworks such as RMF, NIST 800-53, ISA/IEC 62443, UL CAP, ISO 27001, GDPR, CSL, SOC 2 or other comparable.

  • Experience with driving transformation within an organization.

  • Technical project management experience using agile methodologies

  • Ability to create cybersecurity solution architectures for building systems as designed

  • Experience incorporating solutions into customer environments for secure local and remote operations

  • Ability to assess and translate requirements from various sources into practical plans/schedules

  • Strong interpersonal skills to influence stakeholder at all levels of the organization

  • Customer relations acumen with ability to explain complex technical details to a wide audience

  • Superior skill in written and verbal communications as well as planning/delivering presentations

  • Cybersecurity certifications, e.g. CISSP, GSEC, Sec+, or related are preferred.

Preferred

  • Bachelor’s degree in a technical field (Engineering, Computer Science, Information Systems) or equivalent

  • Demonstrated ability to optimally facilitate and drive organizational change

  • Certified Information Systems Security Professional (CISSP), Certified Secure Software Lifecycle Professional (CSSLP), GSEC, Sec+ or equivalent cybersecurity certifications.


#LI-MJ1

#LI-Remote

Johnson Controls International plc. is an equal employment opportunity and affirmative action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, protected veteran status, genetic information, sexual orientation, gender identity, status as a qualified individual with a disability or any other characteristic protected by law. To view more information about your equal opportunity and non-discrimination rights as a candidate, visit EEO is the Law. If you are an individual with a disability and you require an accommodation during the application process, please visit here.