Cloud Development Cybersecurity Architect

Carrier is the leading global provider of healthy, safe and sustainable building and cold chain solutions with a world-class, diverse workforce with business segments covering HVAC, refrigeration, and fire and security. We make modern life possible by delivering safer, smarter and more sustainable services that make a difference to people and our planet while revolutionizing industry trends. This is why we come to work every day. Join us and we can make a difference together.

About This Role

The purpose of the Global Product Security group is the enhancement of Carrier products and services, and assurance of cyber competitive advantage by driving:

• Secure development, continuous improvement and security maturity of products and services
• Assurance of secure operations, response, support, and channel engagement for all offerings
• Product innovation and differentiation leveraging cybersecurity capabilities and expertise 

Our mission is the support and fulfillment of all production, operational and commercial cyber-related demand, objectives, and requirements, such that the success of all Product Security stakeholders is achieved, and strategic opportunities for Carrier are realized.

Key Responsibilities:

• Supports all phases of the secure engineering, support, and development lifecycles in collaboration with multifunctional leaders, stakeholders, contributors, and businesses
• Drives secure development principles, practices and activities within engineering and production to help quantify cybersecurity risk, issues, and defects within Carrier offerings, such that teams may appropriately characterize, manage, and remediate to standard 
• Coordinates with production to help scope projects, define cybersecurity requirements, perform gap analysis, refine functional requirements, and road map residual cyber risk 
• Architects solutions and designs security controls to meet secure design requirements, support cyber related feature and function development, implement security related modules and solutions, and fosters new product development and innovation
• Supports Product Security activities such as threat modeling, security assurance testing, cyber risk assessment, security reviews and threat vulnerability assessment for all offerings
• Provides technical leadership, mentorship, and training
• Leads business units and projects through security certification and accreditation
• Provides timely and expert support to resolve difficult problems and issues
• Provides cybersecurity thought leadership, advisement, mentorship, training, and engagement
• Provides audit, analysis, and review support for certification, standards, governance, process, infrastructure, deployment and all collaborative mission areas, Carrier brands and businesses
• Supports ad hoc initiatives within the cybersecurity-engineering domain, as needed
• Provides critical support as required for all major Product Security missions, including Secure Development, Operations, Commercialization, and Innovation
• Positions Carrier in a world class position within the Product Security domain

Required Qualifications:

• Bachelor’s degree
• 6+ years of software development experience
• 3+ years of cloud system design and architecture experience
• 5+ years of system design and architecture experience
• Travel 5% of average workweek, including air travel, overnight hotel stays, and unexpected travel when required.

Preferred Qualifications:

• Deep knowledge of cloud architecture, cloud native patterns, and cloud computing capabilities especially as offered by AWS
• Significant technical expertise in Cloud Computing technologies, scripting languages, integrating 3rd party monitoring tools, encryption tools and best practices, and forensics
• Implementation experience with enterprise security solutions such as WAF, IDS/IPS, Anti-DDOS, and SIEM
• Working knowledge of common and industry standard cloud-native/cloud-friendly authentication mechanisms (OAuth, OpenID, etc.)
• Experience with deployment orchestration, automation, and security configuration management (CircleCI, Jenkins, Puppet, Chef, Ansible, etc.)
• Strong skills and experience in Analytics Cloud migration and implementation, AWS services related to analytics, AI/ML, CI/CD
• Experience developing highly scalable applications using service-oriented, microservice, and/or RESTful
• API based architectures at an enterprise scale
• Experience in messaging platforms, protocols, and technologies
• Expertise with database technologies
• Experience in EMR, Hadoop, HIVE, S3, etc.
• Experience in managing and optimization Big Data / Hadoop clusters
• Design for failover, high availability, MTTR, MTTF and MTBF
• Experience in designing and implementation of automated backup and restoration of application/web servers/databases/data lakes
• Experience in networking, including security analysis, firewall configuration, and Infrastructure as Code (IaC)
• Experience with container technologies (AWS – ECS/EKS/Fargate, Kubernetes, etc) as well as AWS serverless technologies and architecture patterns
• Experience in using AWS Key management systems (KMS)
• Familiarity with service Mesh technologies (App mesh, Istio, Envoy, Consul, etc)

#LI-Remote

RSRCAR