United Technologies Corporation Security Engineer, Product Security Incident Response Team in East Hartford, Connecticut
Job ID: 01308730
City: East Hartford
Country: United States
Job Type: Full Time
United States of America
UT13: RC-CT - Corp 411 Silver Lane, East Hartford, CT, 06108 USA
United Technologies Corp . (UTC; NYSC: UTX), headquartered in Farmington, Connecticut, is a global leader in aerospace and building technologies. Our aerospace businesses — Collins Aerospace Systems and Pratt & Whitney — are redefining the future of flight with next-generation aircraft engines and integrated systems and components. Our commercial businesses — Carrier and Otis — are pioneering intelligent building solutions and services that enable people to live and work in more modern, safe, secure and sustainable environments. We are a company of 240,000 people, founded by some of the world’s greatest inventors and committed to tackling some of society’s biggest challenges.
United Technologies Corporation was founded by some of the world’s greatest inventors. We helped build the Second Industrial Revolution and brought about a century of urbanization and globalization. Now we need your help to build the next one.
Tech@UTC is the UTC technology organization, comprised of the global engineering function, several focused centers of expertise, our skunkworks organization – United Technologies Advanced Projects (UTAP), and our advanced Research & Development lab – United Technologies Research Center (UTRC). By combining a passion for science with precision engineering, we create smart, sustainable solutions that prove we can do the big things the right way. We put the “T” in UTC.
As great physical products like jet engines, elevators, avionics, HVAC, door locks, and smoke detectors get “smarter,” becoming increasingly connected, security becomes increasingly important. The mission of the newly created Product Security Center of Expertise (PSCOE) is to ensure the digital security of these
In this position, the right candidate will be responsible for managing and dispositioning product security vulnerability reports related to UTC or its business unit’s product portfolio.You will need a strong technical background encompassing both hardware and software, as well as knowledge of specific security frameworks, since you will be working with the product teams and external security researchers to access the risk of a vulnerability and recommend/decide on the appropriate response for UTC.Once familiar with the product portfolio of UTC, you will be responsible for leading teams driving the incident response to product security vulnerabilities.
Key Job Responsibilities:
Candidates MUST have a technical background, knowledge of security concepts and experience leading or participating in projects
Candidates should be action-orientated, independent and able to anticipate difficult situations and to proactively plan a response to a product security issue
Given the amount of interaction with various individuals, groups, and business units, strong interpersonal, oral, and written communication skills are a necessity for this role
Ability to work effectively in situations involving uncertainty or lack of information and respond favorably to change, be able to achieve objectives working with others across various teams and organizations
Follow processes and systems to support the success of UTC’s product security response capability
Keep informed regarding pending industry changes, trends, and best practices and assess the potential impact of these changes on organizational processes. Maintain expertise on security trends through training, research and development to mitigate potential security exposures and stay current on a changing threat landscape. Train other staff and external clients as necessary.
Qualifications & Competencies:
Ability to interface with all levels within organization and provide input to facilitate decisions.
Analytical skills and ability to formulate and articulate recommendations.
Ability to multi-task and prioritize in fast changing environment.
Ability to investigate the impact of security related issues.
Triage incident reports and determine cybersecurity risk impact on UTC’s product portfolio.
2+ years of practical security in product/cyber security.
A solid understanding of the potential sources of risk and how to manage risk.
Previous experience working in a PSIRT or product security role.
Proficiency with risk management tools such as RSA Archer or The Hive Project.
Knowledge in Incident Response, analysis and remediation.
Experience with ongoing security research against various products and infrastructure and ability to apply that knowledge to product security incident response.
Extensive network of contacts including security researchers, security industry experts, members of key bodies FIRST, ICASI, MITRE, CERT, etc., and industry incident response professionals.
Education & Experience :
Bachelors degree in Computer Science, Electrical engineering or related field
Security Professional Certification (CISSP or GCIH) desirable or the ability to obtain in the first 6 months after hire.
PSIRT, IR experience or product security experience.
Candidate must be a US Citizen or Perm Resident
United Technologies Corporation is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.
Click on this link to read the Policy and Terms
United Technologies Corporation is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age, or any other federally protected class.
Thank you for your interest in a career at United Technologies! We will soon upgrade to an improved job application system to simplify the apply experience. You will still be able to apply to any of our current job openings through December 18, 2018. On January 2, 2019, our new and improved job application system will launch; please check back on that date to see all of our job openings.