Cybersecurity & Application Specialist

Carrier Global Corporation, global leader in intelligent climate and energy solutions, is committed to creating solutions that matter for people and our planet for generations to come. From the beginning, we've led in inventing new technologies and entirely new industries. Today, we continue to lead because we have a world-class, diverse workforce that puts the customer at the center of everything we do. For more information, visit corporate.carrier.com or follow Carrier on social media at @Carrier. 

About This Role:

The Cybersecurity & Application Specialist operates independently, conducting multidisciplinary research and performing System Capability Analyses to assess end-user requirements. The role primarily focuses on ensuring the security of Sensitech’s products and digital environments by collaborating with product owners and development teams to identify, prioritize, and address security-related issues. Additionally, the specialist provides assurance, both internally and externally, to demonstrate the robustness of security measures in place. This position also interfaces directly with the Quality department, serving as the primary administrator for system access and permissions, and acting as the lead for configuration support within the electronic Quality Management System (e-QMS)

Job Description:

• Collaborate with Carrier cybersecurity teams to ensure compliance with established security standards and frameworks

• Coordinate and interpret the outcomes of internal and external penetration tests, ensuring timely resolution of identified issues

• Support compliance efforts, including completing cybersecurity questionnaires and participating in on-site audits

• Oversee scheduling and completion of audits and ongoing security assessments of software and IT environments

• Working with teams to prioritize and schedule findings from internal security audits, penetration testing, and external penetration testing

• Scheduling penetration tests with Carrier approved security vendors, analysis of results with any findings and working with product owners and teams to schedule work

• Provide real-time support during external audits by directly participating in and addressing auditor inquiries

• Develop and maintain slide decks that are cybersecurity focused which provide a high-level external entity-centric view of security architecture intended to answer security questions but not expose IP / detailed infrastructure

• Respond to RFP/RFQ-related cybersecurity questions and ensure alignment with customer expectations

• Serve as a point of contact with Carrier’s corporate cybersecurity team to align the best practices, tool usage, audit scheduling, and overall security strategy for new and existing products

• Act as liaison between the Quality department and Compliance Quest (e-QMS) regarding user access, permissions, and system functionality

• Serve as a subject matter expert (SME) in e-QMS processes and functionality

• Provide configuration support for specific e-QMS modules based on organizational needs

• Create and maintain a centralized knowledge base to capture frequently asked questions and guidance related to system usage and security

Required Qualifications:

• Bachelors of Science

• 3+ years of experience in Quality role  in a medical technology/pharmaceutical company

• 2+ years of experience CAQ knowledge

• 3+ years of experience in ISO 9001:2015

• 3+ years of experience in ISO 27001:2022

• 2+ years of experience working with MS SQL Server or Postgres

• 3+ experience working with public cloud providers such as Microsoft Azure or AWS

Preferred Qualifications:

• Bachelors of Science in Computer Science or Information Systems

• 1+ years of experience working with project management tools such as Jira, Rally, or TFS is preferred

• Knowledge of cybersecurity standards and principles, including secure coding practices, OWASP guidelines, and vulnerability assessment

• Excellent communication skills

• Strong SOA and distributed computing experience

• Experience working with microservices architectures

• Experience working in a distributed team environment

• Experience building and supporting a SaaS software platform

• Active interest in new technologies and emerging engineering practices

RSRCAR

#LI-onsite