Cybersecurity & Application Specialist

Country:

United States of America

Location:

CAM60: Sensitech, Inc 800 Cummings Center, Beverly, MA, 01915 USA

Carrier Global Corporation, global leader in intelligent climate and energy solutions, is committed to creating solutions that matter for people and our planet for generations to come. From the beginning, we've led in inventing new technologies and entirely new industries. Today, we continue to lead because we have a world-class, diverse workforce that puts the customer at the center of everything we do. For more information, visit corporate.carrier.com or follow Carrier on social media at @Carrier. 

About This Role:

The Cybersecurity & Application Specialist operates independently, conducting multidisciplinary research and performing System Capability Analyses to assess end-user requirements. The role primarily focuses on ensuring the security of Sensitech’s products and digital environments by collaborating with product owners and development teams to identify, prioritize, and address security-related issues. Additionally, the specialist provides assurance, both internally and externally, to demonstrate the robustness of security measures in place. This position also interfaces directly with the Quality department, serving as the primary administrator for system access and permissions, and acting as the lead for configuration support within the electronic Quality Management System (e-QMS)

Job Description:

• Collaborate with Carrier cybersecurity teams to ensure compliance with established security standards and frameworks

• Coordinate and interpret the outcomes of internal and external penetration tests, ensuring timely resolution of identified issues

• Support compliance efforts, including completing cybersecurity questionnaires and participating in on-site audits

• Oversee scheduling and completion of audits and ongoing security assessments of software and IT environments

• Working with teams to prioritize and schedule findings from internal security audits, penetration testing, and external penetration testing

• Scheduling penetration tests with Carrier approved security vendors, analysis of results with any findings and working with product owners and teams to schedule work

• Provide real-time support during external audits by directly participating in and addressing auditor inquiries

• Develop and maintain slide decks that are cybersecurity focused which provide a high-level external entity-centric view of security architecture intended to answer security questions but not expose IP / detailed infrastructure

• Respond to RFP/RFQ-related cybersecurity questions and ensure alignment with customer expectations

• Serve as a point of contact with Carrier’s corporate cybersecurity team to align the best practices, tool usage, audit scheduling, and overall security strategy for new and existing products

• Act as liaison between the Quality department and Compliance Quest (e-QMS) regarding user access, permissions, and system functionality

• Serve as a subject matter expert (SME) in e-QMS processes and functionality

• Provide configuration support for specific e-QMS modules based on organizational needs

• Create and maintain a centralized knowledge base to capture frequently asked questions and guidance related to system usage and security

Required Qualifications:

• Bachelors of Science

• 3+ years of experience in Quality role  in a medical technology/pharmaceutical company

• 2+ years of experience CAQ knowledge

• 3+ years of experience in ISO 9001:2015

• 3+ years of experience in ISO 27001:2022

• 2+ years of experience working with MS SQL Server or Postgres

• 3+ experience working with public cloud providers such as Microsoft Azure or AWS

Preferred Qualifications:

• Bachelors of Science in Computer Science or Information Systems

• 1+ years of experience working with project management tools such as Jira, Rally, or TFS is preferred

• Knowledge of cybersecurity standards and principles, including secure coding practices, OWASP guidelines, and vulnerability assessment

• Excellent communication skills

• Strong SOA and distributed computing experience

• Experience working with microservices architectures

• Experience working in a distributed team environment

• Experience building and supporting a SaaS software platform

• Active interest in new technologies and emerging engineering practices

RSRCAR

#LI-onsite

Carrier is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or veteran status, or any other applicable state or federal protected class. Carrier provides affirmative action in employment for qualified Individuals with a Disability and Protected Veterans in compliance with Section 503 of the Rehabilitation Act and the Vietnam Era Veterans’ Readjustment Assistance Act. 

Job Applicant's Privacy Notice:

Click on this link to read the Job Applicant's Privacy Notice