-
ID
#5084161 -
Salary
TBD -
Source
Trane Technologies -
Date
2020-10-20 -
Deadline
2020-12-18
Security and Compliance Leader
Virginia, Arlington 00000 Arlington USAVacancy expired!
Security and Compliance LeaderMinneapolis MN 314 W 90th St, Minneapolis, Minnesota, United States7 additional locationsUnited States, Texas, AustinUnited States, Texas, DallasArlington, Virginia, United StatesChicago, Illinois, United StatesDavidson NC 800E Beaty St, Davidson, North Carolina, United StatesUnited States, Georgia, AtlantaUnited States, Wisconsin, La CrosseGeneralRequisition # 2004056Total Views 1939At Trane Technologies® we Challenge Possible. Our brands – including Trane® and Thermo King® - create access to cooling and comfort in buildings and homes, transport and protect food and perishables, connect customers to elevated performance with less environmental impact, dramatically reduce energy demands and carbon emissions, and innovate with a better world in mind. We boldly challenge what’s possible for a sustainable world.Open to anywhere in the US and remote work optionDo you want to help save the planet? Do you want to directly contribute to an organization committed to reduce its customer carbon footprint by 1 Gigaton of Carbon Dioxide? As a world leader in creating comfortable, sustainable and efficient environments, it’s our responsibility to put the planet first. For us at Trane Technologies, sustainability is not just how we do business—it is our business. Sustainability is at the center of our strategy and influences how we make every decision.Our Thermo King business is connecting our transport HVAC and refrigeration products and providing digital solutions to help our customers efficiently protect drivers, passengers, and cargo. Using our connected solutions, our customers reduce fuel consumption, carbon emissions, and downtime while increasing the comfort and safety of passengers and shelf life of cargo, including essential cargo like food and pharmaceuticals.We are hiring an experienced Security and Compliance Leader , who will be responsible for ensuring that Thermo King’s connected products are secure, compliant with internal policies and external regulations, and provide capabilities that facilitate customer regulatory compliance. Security responsibilities include proactive security measures during development of new products and features, as well as ongoing security assessment and assurance for existing solutions. Compliance responsibilities include implementation and assessment of internal controls, support for internal and external audits, and definition, execution, and assessment of solutions to ensure compliance with external regulations. In addition, the Security and Compliance leader will monitor regulatory trends and identify solutions that ease customer compliance with applicable regulations, including food safety regulations like FSMA and environmental regulations like those issued by CARB.ResponsibilitiesLearn and adapt to Trane Technologies security strategies, security goals, security objectives and security capabilities to provide a mature and effective vulnerability management methodology
Provide strategies on vulnerability, configuration, and cloud security scanning
Advise on policy creation based on industry benchmarks and Trane Technologies security practices
Provide technical authority, vision, and guidance to ensure the continued evolution of Thermo King Connected Solutions security & vulnerability program
Monitor endpoint security trends and emerging security threats and recommend changes to policy, procedures and tools
Establish strong working relationships with different parts of the business to provide guidance on remediation of findings
Drive operational efficiency and effectiveness for areas of responsibility, ensuring strong documentation, knowledge overlaps, and metrics-driven action, with an emphasis on automation and scalable solutions
Work cross-functionally with product management and distributed systems engineering teams to complete large scale projects with impact across the company
Adapt to change quickly and eagerly: changing requirements, changing priorities, changing strategies
Advocate security and secure practices throughout Thermo King
Utilize dynamic and static analysis software tools (DAST/SAST) to identify vulnerabilities and configuration issues
Design, implement, administer, and test firewalls, software, and/or hardware.
Consult with development teams to implement best practices
Perform analysis of access control and violations.
Perform audits to ensure compliance with internal security standards and regulatory requirements.
Prepare detailed written analyses of findings and recommend remediation/prevention solutions.
Review, monitor, and understand internal controls policies and procedures and apply them to the procedures used for development and operation of Thermo King’s connected solutions
Review, monitor, and understand external regulations, ensuring compliance by Thermo King’s connected solutions, including data privacy and protection of Thermo King’s intellectual property and the intellectual property of others
Monitor external regulations affecting Thermo King’s customers, including food safety regulations like FSMA and environmental regulations like those issued by CARB, and recommend solution capabilities to ease compliance by our customers
Qualifications:10+ years’ experience in cyber security with proven application security experience
2+ years of public cloud experience
Bachelor’s degree in management of information systems, computer science, engineering or relevant field
Knowledge and understanding of Vulnerability Management and Security Testing lifecycles, processes, and procedures
Experience with Cloud Security and deploying enterprise-wide controls in AWS preferred
Experience troubleshooting issues and providing customer support
Ability to translate strategic or operational goals to technical and tactical requirements and architectures
Fundamental understanding of accepted security practices, known attack vectors, and vulnerability assessment methodologies
Strong understanding of Information Security principles and technologies
Experience with networks, firewalls, endpoint protection, log management, and patch management preferred
Familiarity with industry blogs, key publications in the field of security, and awareness of any recent significant security events
Security certification such as SANS/ GIAC, or Certified Information Systems Security Professional (CISSP), or equivalent
Knowledgeable in performing programming and scripting tasks.
Experience with DAST/SAST methodologies and tools
Experience with architecture and design of modern applications and web services
Knowledge and understanding of one or more: Checkmarx, Veracode, Fortify, BurpSuite Pro, AppScan, HTML, XML, Java, JSP, Web Development
Familiarity with regulations in North America related to data privacy, food safety, environmental protection, and intellectual property
We offer competitive compensation and comprehensive benefits and programs that help our employees thrive in both their professional and personal lives. We are proud of our winning culture which is inclusive and respectful at its core. We share passion for serving customers, caring for others, and boldly challenging what’s possible for a sustainable world.We are committed to achieving workforce diversity reflective of our communities. We are an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identify, national origin, pregnancy, age, marital status, disability, status as a protected veteran, or any legally protected status.
Vacancy expired!