Job Description

Principal Product Security Engineer
Pune

-

IN
Apply now

What we look for

· Technical and operational excellence, thought leadership, and integrative thinking.

· Expert knowledge and practical product and software security experience, including secure SDLC practices, security and privacy by design architectures, and secure by default configurations.

Strong problem-solving skills to analyze cybersecurity issues and requirements (legal/regulatory, policy, customer, industry standards) and relate them to appropriate security controls.

· Demonstrated ability to lead change initiatives that intelligently manage software cyber risks.

· Proven ability to deliver results using agile methodologies and tools (e.g. Scrum/Kanban, Jira).

· Understanding of agile software development and continuous integration/deployment.

· Practical experience with Linux OS, programming and scripting languages (e.g. Java, Python, Perl), and security tools (e.g. Kali, Nessus, Netsparker, openVAS, BurpSuite, Metaspolit).

· Understanding of embedded systems architectures (e.g. ARM, Cortex), embedded systems tools/emulators, RTOS/Linux, network protocols and programming languages (such as C/C++).

· Understanding of penetration testing, reverse engineering, software attack vectors, fault injection, device fingerprinting, and tamper resistance.

· Understanding TPM, Secure Boot, OTP, PKI, SPI/I2C bus analyzers, JTAG probing.

· Knowledge of current security threats and techniques for exploiting software vulnerabilities.

· Understanding of web and mobile application secure design principles such as OWASP.

· Understanding of data protection, secure cloud, and network infrastructure design principles.

· Familiarity with technology risk management related frameworks such as RMF, NIST 800-53, ISA/IEC 62443, UL CAP, ISO 27001, GDPR, CSL, CSA, SOC 2 and other comparable.

· Experience with Operational Technologies (e.g. Controls Systems, Building Management) a plus.

· Superior interpersonal, organizational, written/verbal communication, and presentation skills.

· Ability to build trust with stakeholders and explain complex security topics to all audiences.

· Active participation in hackathons, cybersecurity competitions, and exercises are a plus.

· CSSLP, CISSP, CCSP, OSCP, CEH or related cybersecurity certifications.

· Bachelors degree in Cybersecurity, Computer Science, Engineering, Information Systems, or related technical degree.

· Minimum of 7 years of experience with at least 5 years in software or product cybersecurity.

· Travel is occasional at approximately 10%, including international.

First name
*

Last name
*

Email address
*

Location
*

Phone number
*

Import profile
*

Import LinkedIn profile

or

Upload file (doc, pdf)

By submitting this application you agree that we process this data for recruitment purposes only and we will keep it until this open role is filled. When that period is over, we will either delete your data or inform you that we will keep it in our database for future roles.

I have read and I accept the policy for processing personal data.

My Information

My Experience

Application Questions

Review

My Information

My Experience

Application Questions

Review

Upload Resume/CV (5MB max)
*

Upload Resume to use AI fields extractor

How did You hear about us? *

Country *

Contact Information

Email address *

Country / Territory Phone Code

Phone number *

Phone extension

I confirm that I am submitting this electronic application on my own behalf, and not on behalf of any other person, and that the information contained in this application is my own personal information. I hereby affirm that the information provided during the application process and any accompanying documents attached including my resume/CV or provided during any discussion or interviews, are true and complete to the best of my knowledge. To the extent permitted by applicable local law, I authorize Johnson Controls and its affiliates, subsidiaries and operating segments (collectively, the Company) to investigate all statements in this application and accompanying documents and to secure any necessary information from all my employers, references, and educational institutions.

I understand that should I receive an offer of employment with Johnson Controls, such offer is conditional on successful completion of all aspects of the application process including such background and reference checks as are applicable and permitted under local law. Submission of this electronic application by me does not constitute to me an offer of employment, an employment agreement or any other contractually binding commitment by Johnson Controls.

I understand and agree that the information submitted by me will be used, disclosed and stored in accordance with Johnson Control's Privacy Notice, which I have fully reviewed and accept. For individuals located in the United States, applicants are not required to provide any age related information and/or graduation date(s). We will transfer your personal information across borders in accordance with the Privacy Notice. To the extent permitted by applicable local law, by clicking the button below, you consent to the cross-border transfer of your personal information. For individuals located in China: please read the Addendum – Rules on Cross Border Transfer of personal information for China (HR Management). By clicking the button below, you consent to Johnson Controls collecting, processing and transferring your personal information (including sensitive personal data) in accordance with our Privacy Notice and the Addendum for China.

To provide you with the most effective recruiting process, Johnson Controls may use artificial intelligence (“AI”) to help us better understand how your candidate information matches the requirements of the role you have applied to. We may process your answers to the application and qualification questions, information in your resume, and, if applicable, information from your Johnson Controls personnel record, using tools that rely on AI. All hiring decisions will be made by the hiring team after considering your candidate profile in full. These tools help us to match the information provided by you with the job and preferred qualifications. All hiring decisions will be made by our hiring team after considering your candidate profile in full, and the use of AI insights is just one of the tools and one of numerous factors that we use to help us evaluate candidates and reach a decision.

Johnson Controls would also like to consider you for additional and future job openings, and we may use AI to help with this process. These AI tools help us understand how your candidate information matches the requirements of future job openings (using the same process as described above). Johnson Controls recruiters may use these insights to help them decide whether to reach out to you to regarding a future job opening. If you are located in the United Kingdom or European Union, the use of the AI insights is necessary for Johnson Controls’ legitimate interests to provide a streamlined and efficient recruitment process, and to consider you for future roles. Please note, the use of AI insights is just one of the tools and one of many factors our recruiters use to help evaluate candidates for upcoming roles.

DO NOT E-SIGN UNTIL YOU HAVE READ THE ABOVE STATEMENT.

I certify that I have read, fully understand and accept all terms of the above statement and that I consent (where applicable) to the Privacy Notice and the Addendum for China. *

Work Experience

Work Experience

Remove

Job title *

Company *

Location

I currently work here

From *

To *

Role description

+ Add work experience

Education

Education

Remove

School or University *

Degree *

Field of Study

Overall result (GPA)

From

To (Actual or Expected)

+ Add education

Skills

Please provide your relevant Skills Type to add Skills

Websites
Add any relevant websites (include https:// in URL)

Website

Remove

URL *

+ Add websites

Application Questions

Are you at least 18 years of age? (If not, your employment is subject to verification that you are of at least legal age and that you are able to supply any required work permit) *

Are you legally eligible to work in the country to which you are applying? *

Will you now or in the future require sponsorship for employment Visa status to be eligible to work in the country to which you are applying?
(e.g., H-1B Visa status/Work Visa/Work Permit) *

Have you signed an employment agreement or any kind of restrictive covenant, covenant not to compete, non-solicitation, or a contract of any kind that might restrict your ability to perform duties for this Company? *

What is your annual salary expectation for the role to which you are applying?

Personal Information
Johnson Controls values a diverse and inclusive workplace. Providing this information will help us to ensure our recruitment practices promote equality of opportunity.
Your response to the self-identification questionnaire below is voluntary. It is however mandatory to answer the questions, even if you choose not to provide the information.
The information will be kept anonymous and your answer will be treated with the strictest confidence and protected from misuse. We assure you that your answers will be used only for the purposes of monitoring our equal opportunities policy and will not be used by us to make any unlawful decisions affecting you, whether in a recruitment exercise or during the course of any employment with us.

You are not obliged to provide this information and you will not suffer any penalty if you choose not to do so.

Please select your gender which most accurately describes how you identify yourself *

My Information

Edit Hide

My Experience

Edit Show

Application Questions

Edit Show

Previous step Next step

Apply now

CONNECT WITH us