Honeywell is a leading software-industrial company that invents and commercializes technologies addressing critical challenges. In this role, you will lead the design and implementation of cybersecurity solutions while managing compliance requirements and collaborating with cross-functional teams to enhance security measures.
Responsibilities:
- Manage Honeywell’s ongoing Cybersecurity Maturity Model Certification (CMMC) compliance requirements for the US Department of Defense
- Manage CUI assets with service owners
- Understand app and child asset relationships and requirements for CUI
- Clarify and update the CMDB asset governance fields (e.g., CUI flag, location)
- Work with service owners, providing CUI information and guidance
- Coordinate CMDB security compliance field updates
- Asset inventory data analysis and reporting
- Track service owner actions for outstanding remediation requirements
- Support laptop compliance efforts (e.g., tech debt)
- Manage evidence requirements
- Reach out to control owners for clarification
- Schedule and lead meetings and coordinate actions
- Move evidence to the Redspin repository and name it appropriately
- Update the tracking documentation
- Manage CRMs (Customer Responsibility Matrices)
- Understand and document the mapping of NIST SP 800-171 to the FedRAMP framework
- Convert FedRAMP documentation to CMMC CRMs for ESPs (External Service Providers)
- Set and lead meetings with multiple internal and external SMEs to build and acquire the required CRMs
- Establish and maintain the CMMC MOS
- Weekly, monthly and periodic actions for CUI assets and sites
- Build and maintain process documentation (requires process knowledge)
- Provide mentorship to new team members
- Lead the design and implementation of cutting-edge cybersecurity solutions to protect critical assets and information
- Conduct in-depth security assessments and risk analysis to identify vulnerabilities and recommend mitigation strategies
- Collaborate with cross-functional teams to integrate security measures into the development lifecycle of products and systems
- Act as a technical mentor, providing guidance and support to junior cybersecurity professionals
- Participate in incident response activities, contributing technical expertise to resolve security incidents promptly
Requirements:
- Bachelor's degree from an accredited institution in a technical discipline such as science, technology, engineering, or mathematics
- 5+ years of experience in a cyber security position
- In-depth knowledge of cybersecurity technologies, frameworks, and best practices
- Excellent communication and ability to convey complex technical concepts to stakeholders
- Ability to lead direct and indirect reports by influence
- Experience with US Department of Defense cybersecurity requirements (mainly CMMC program)
- Relevant certifications such as CISSP, CISM, or GIAC are highly desirable
- Demonstrated leadership skills and experience managing cybersecurity teams
- Strong communication and interpersonal skills, with the ability to convey complex technical concepts to non-technical stakeholders