Product Security Governance Leader
Honeywell
full-time
Posted on:
Location Type: Hybrid
Location: Phoenix • Arizona • United States
Visit company websiteExplore more
Job Level
Tech Stack
About the role
- Define and implement Honeywell Aerospace’s product security governance framework aligned with industry standards (DO-326A, DO-356A, CRA, Part IS, NIST, etc.).
- Develop policies, procedures, and metrics to measure product security maturity across programs.
- Lead risk management processes for product cybersecurity, ensuring proactive mitigation strategies.
- Ensure compliance with FAA, EASA, DoD, and other global aerospace cybersecurity regulations.
- Partner with legal and compliance teams to monitor evolving regulatory landscapes and integrate requirements into product development.
- Collaborate with engineering, IT, supply chain, and program management to embed security governance into product lifecycle processes.
- Drive secure development practices, including threat modeling, vulnerability management, and secure coding standards.
- Lead internal and external audits related to product security governance.
- Establish reporting mechanisms for executive leadership and regulatory bodies.
- Champion a culture of security awareness across engineering and product teams.
- Develop training programs to ensure compliance with governance policies.
Requirements
- 5 + years managing governance and risk portfolios.
- Knowledge of product cybersecurity standards.
- Experience with risk management, audit processes, and executive reporting.
- Knowledge of product cybersecurity risk frameworks.
- Strong leadership, communication, and stakeholder management skills.
- Ability to influence across global, cross-functional teams.
- Bachelor’s degree in Computer Science, Cybersecurity, Engineering, or related field.
- Knowledge of Secure Software Development Lifecycle (SSDLC).
- Knowledge of Secure System Development Lifecycle.
- Experience with product security lifecycle.
- Black Belt/Six Sigma Experience.
- Experience with product level Governance Risk and Compliance (GRC).
- Experience understanding and mapping control frameworks cross-functionally (cloud, infrastructure, product).
- Good communication and leadership skills.
- Good interpersonal skills with the ability to facilitate diverse groups, help negotiate priorities, and resolve conflicts among project stakeholders.
- Certifications in security and privacy demonstrating deep practical knowledge such as CISSP/CISM/ CGRC.
- Must be a U.S. citizen, U.S. permanent resident, or have asylum or refugee status in the U.S.
Benefits
- Health insurance
- 401(k) matching
- Flexible work arrangements
- Professional development opportunities
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
product security governancerisk managementaudit processesproduct cybersecurity standardsSecure Software Development Lifecycle (SSDLC)Secure System Development LifecycleGovernance Risk and Compliance (GRC)threat modelingvulnerability managementsecure coding standards
Soft Skills
leadershipcommunicationstakeholder managementinfluenceinterpersonal skillsnegotiationconflict resolutiontraining developmentsecurity awarenesscollaboration
Certifications
CISSPCISMCGRCBlack BeltSix Sigma