Director, Secure Servicing

What you will do

The future is being built today, and Johnson Controls is making that future more productive, more secure and more sustainable. We are harnessing the power of cloud, data analytics, the Internet of Things, and user design thinking to deliver on the promise of intelligent buildings and smart cities that connect communities in ways that make people’s lives – and the world – better.

In this career defining opportunity, you will report directly to the Chief Product Security Officer and lead cybersecurity initiatives which drive growth and differentiation for Johnson Controls. You will collaborate with stakeholders to ensure company programs, products, and solutions as installed and serviced in the field are compliant with Product Security governance. You will measure, influence, and lead initiatives around controls designed to reduce and / or mitigate cyber risk to our connect products’ customer base. In this pivotal role, you will lead efforts that ensure cybersecurity awareness amongst our Field Installation teams and reinforce customer trust in Johnson Controls products and solutions.

How you will do it

• Lead and supervise a team of regional cybersecurity leaders to ensure your department’s initiatives are deployed consistently across all field sites and teams globally.

• Manage an assessment program measuring compliance of installed products with controls such as hardening guides, NIST controls, and the ISA/IEC 62443 framework.

• Provide departmental input on budget plans, forecasts, and expenditures for Product Security.

• Manage multi-year vendor contracts and third-party partner relationships.

• Coordinate with legal and other regulatory and compliance groups to ensure the company is compliant with key laws, regulations, and certifications.

• Lead a Field Security Champion network of key field technicians to deploy training, communicate cyber guidance, and collect input and data on cyber aspects of field operations.

• Assist in cybersecurity risk and technology assessment of merger and acquisition opportunities.

• Use agile methodologies to manage resources and track milestones and deliverables.

• Define, gather, and monitor meaningful metrics for compliance and continuous improvement.

• Develop and maintain security technical documentation for internal and external use.

• Occasionally participate in cybersecurity committees, boards, councils and working groups.

What we look for

• Leadership experience managing product security governance and compliance requirements and risks.

• Track record of building cohesive teams and collaborating successfully with other functions.

• Technical and operational excellence, thought leadership, integrative thinking, and passion.

• Excellent problem-solving skills with the ability to assess and translate cybersecurity requirements from various sources into practical plans and schedules.

• Superior skill in written and verbal communications as well as planning/delivering presentations.

• Experience with Building Operational Technologies (e.g. Controls Systems, Building Management) a plus.

• Experience with technology related compliance and risk management related frameworks such as NIST SSDF / CSF, ISA/IEC 62443, ISO 27001, SOC 2 or others comparable.

• Bachelor’s degree in computer science, engineering, cybersecurity, or another technical field required; Master’s degree preferred.

• Minimum of 15 years of technical leadership experience with at least 7 years in cybersecurity.

• CISSP, CISM, CEH or related security certifications are a plus.

• Travel is occasional at 10-20%, including international.

Our culture

At Johnson Controls you’ll have the opportunity to work on some of the most exciting projects in today’s market. Our hardworking people empower us, and we believe in being part of a team that is open, collaborative, results-oriented, hardworking and above all fun. 

We believe that diversity and inclusion matter and make a difference. By embracing the true value of diversity and inclusion, getting comfortable with having crucial conversations, and valuing different perspectives, we will be one of the most desirable places to work.