Skip Navigation

You Are Now Leaving The United Technologies Website

You are now leaving UTC.com and entering a website that United Technologies does not control. United Technologies has provided this link for your convenience, but does not endorse and is not responsible for the content, links, privacy policy, or security of this website.

Sign in to search with your linkedin profile

Associate Dir, Product Security Architecture & Risk Evaluation

Apply Now
Businesses United Technologies Corp. Headquarters Job ID 01292865 Date posted 02/08/2019 City East Hartford State Connecticut Country United States

Date Posted:

2019-02-08-08:00

Country:

United States of America

Location:

UT13: RC-CT - Corp 411 Silver Lane, East Hartford, CT, 06108 USA

United Technologies Corporation (UTC; NYSC: UTX) is headquartered in Farmington, CT, just outside of Hartford, CT. We employ over 204,000 talented individuals globally, achieve net sales in excess of $60 billion, and invest $4B each year back into research & development activities. Our aerospace businesses include Pratt & Whitney aircraft engines and Collins Aerospace – the combination of which make us the largest aerospace company in the world. Our commercial businesses include Otis elevators and escalators and UTC Climate, Controls & Security – a leading provider of heating, ventilation, air conditioning, fire and security systems and building automation controls.

United Technologies Corporation was founded by some of the world’s greatest inventors. We helped build the Second Industrial Revolution and brought about a century of urbanization and globalization. Now we need your help to build the next one.

Tech@UTC is the UTC technology organization, comprised of the global engineering function, several focused centers of expertise, our skunkworks organization – United Technologies Advanced Projects (UTAP), and our advanced Research & Development lab – United Technologies Research Center (UTRC). By combining a passion for science with precision engineering, we create smart, sustainable solutions that prove we can do the big things the right way. We put the “T” in UTC.

As great physical products like jet engines, elevators, avionics, HVAC, door locks, and smoke detectors get “smarter,” becoming increasingly connected, security becomes increasingly important.  The mission of the newly created Product Security Center of Expertise (PSCOE) is to ensure the digital security of these products by (1) ensuring that security is built into the products before they ship, (2) operationally understanding risk to our products on a day-to-day basis, and (3) ensuring that we have a strong Product Security Incident Response Team (PSIRT) to respond effectively and quickly to any product security issues.

As Product Security Architect, you’ll be a senior technical leader of Product Security Team, actively responsible for coaching and advising hundreds of product teams on how to build security into their products, and how to handle incidents when things go wrong. This includes coaching engineering teams on the engineering discipline, technical architectures, business processes, and risk management frameworks needed to do security right in products through the entirety of the product lifecycle from inception through “end of life”.

Key Job Responsibilities

  • Advise engineering teams by effectively evaluating technical risks on security architecture and code quality, and be able to build credibility and trust with other engineers, helping them while working side by side with them, and coaching them on how to build security into products
  • Act in capacity of a trusted subject matter expert and business risk professional who understands a broad range of software engineering methodologies including both agile and waterfall, and who can effectively evaluate & articulate risk in practice as product teams & incident response teams continually improve their software engineering & product security talent, processes, and tooling
  • Help executives understand and scale the risks which their teams are running, and similarly understand the best opportunities for fastest & most efficient improvement

Qualifications & Competencies

Basic qualifications:

  • Experience with security risk evaluation in advisory or consulting capacities
  • Ability to quickly build and leverage trust with multiple engineering teams
  • Experience working with various technology stacks, and ability to quickly and efficiently pick up and analyze new product architectures and processes
  • Ability to rapidly learn deeply technical subjects, such as product security, and keep abreast with fast moving industries, such as security
  • Understanding of both agile and waterfall software development processes since many product teams are already agile and many product teams are earlier in that journey
  • Strong experience with architecture reviews and threat modeling
  • Strong experience with static and dynamic analysis tools, including findings analysis, defect triage, and related risk analysis
  • Leveled attitude toward security and business considerations
  • Strong presentation skills, ability to conduct security training to not only transfer knowledge, but also to inspire engineering teams, including senior engineers and architects, and other security leads
  • Strong experience coaching teams on all aspects of product security
  • Strong experience with 3rd party and open source software analysis and related tools
  • Ability to serve stakeholders with large, geographically distributed teams
  • Strong experience performing security development lifecycle gap analysis, building concrete prioritized plans for individual engineering teams based on their environment, and providing assistance with implementation of related solutions
  • Experience with security architecture at scale, and fluent in a broad range of relevant product security architectures, principles, components, and protocols

Preferred qualifications:

  • Experience leading change through collaboration, empathy, and patience
  • Additional experience leading software engineering, or a track record of success, advising software engineering teams
  • Experience with software and security engineering maturity and security risk evaluation models, including familiarity with the advantages and disadvantages of each.
  • Familiarity with multiple Secure Development Lifecycle (SDL/SDLC) methodologies, either as practiced and published by leading software companies, or other organizations such as SAFECode, OWASP/SAMM, BSIMM, NIST 800-64, SSE-CMM, FAA/iCMM, and others
  • Familiarity with multiple product security compliance and strategy frameworks, along with the advantages and disadvantages of each
  • Experience with penetration testing and security tools
  • Experience with embedded systems companies and/or physical product companies
  • A great combination of risk-tolerance, impatience, optimism, empathy, and vision, and a burning desire to make a difference

Education & Experience

  • B.S. in Computer Science, Electrical Engineering, or related field

Citizenship requirements: Candidate must be United States Citizen or Permanent Resident

United Technologies Corporation is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.

Privacy Policy and Terms:

Click on this link to read the Policy and Terms


United Technologies Corporation is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age, or any other federally protected class.

Apply Now

Your Saved Jobs

You have not saved any jobs.

Recently Viewed Jobs

You have no recently viewed jobs.

Sign Up for Job Alerts

Get the latest career opportunities as soon as they become available.

Sign up

InterestedEnter category and/or location, then click ADD.

  • Information Technology, East Hartford, Connecticut, United StatesRemove