Johnson Controls is powered by your talent. We are the power behind the customer mission. Together we are building a world that’s safe, comfortable and sustainable. Our diverse global team creates innovative, integrated solutions to make cities more connected, buildings more intelligent and environments more comfortable and secure. We are all about improving outcomes for our partners. Tomorrow needs your talent. Tomorrow needs you. So let’s talk today.

What you will do 

The future is being built today, and Johnson Controls is making that future more productive, more secure and more sustainable.  We are harnessing the power of digital platform, data analytics, design thinking, and the Internet of Things to deliver on the promise of intelligent buildings and smart cities that connect communities in ways that make people’s lives – and the world – better. 

In this career defining opportunity within the Global Product Security organization, you will be part of initiative that is instilling and maintaining trust in IT/OT/IoT products and solutions at the edge, as part of a digital twin, and in the cloud.   

As a Sr. PKI Principal Engineer, you will assist in integrating, supporting and the administration of cryptographic strategy and technologies throughout the life cycle of products (manufacturing through end-of-life), including providing subject matter expertise around PKI (Public Key Infrastructure), cryptographic protocols and key management. In this position, you will be the primary Johnson Controls contact concerning all product related PKI policies, PKI vendor support, and PKI incidents.  

This role is both strategic and tactical in nature and requires a candidate with a strong technical background and the ability to build relationships, mentor and consult at many levels as well as be an expert at applying PKI to Johnson Controls products.  

This role requires the utmost integrity, transparency, and clearances as needed by PKI policy.  You will serve as a foremost technical expert in PKI and exhibit utmost discipline and respect for protection of product, customer, collaborator, and company. 

How you will do it 

• Establish and manage certificate issuance, renewal, and revocation processes for device credentials.


• Coordinate the integration of new product provisioning and configuration processes.


• Maintain and manage all artifacts of authentication, non-repudiation, and situational status of every external and internal credential.


• Ensure PKI infrastructure elements expand and contract as needed by all products and that those changes are coordinated and effected in a safe, policy driven manner for each associated PKI.


• Work with PKI vendors, product developers, and Global Product Security PKI subject matter experts to accommodate new certificate types used by products and product service processes.


• Provide PKI expertise and guidance to product development teams, security architects, and security champions throughout all phases of the software development life cycle.


• Communicate PKI related security risks with business leaders, product and development engineers, and internal security assessment teams.


• Respond to security incidents that may arise with product credentials and/or the JCI PKI infrastructure used by products which impact their usage and integrity.


• Support internal PSIRT operations, vulnerability management actions, vulnerability disclosure processes, and security governance, risk management, and compliance functions.


• Analyze trust dependencies beyond the larger environment of deployed products.


• Collaborate with product, IT, and privacy teams on product related PKI risks and opportunities.


• Maintain current knowledge of PKI, certificate profiles and templates, key management, and changes in PKI policies and certificate practices that could impact products.


• Potential travel and could be 5%, including international

Required

• Bachelor’s degree in Cybersecurity, Computer Science, Engineering, Information Systems, or related technical degree


• 10 years of software or product cybersecurity experience with a focus on PKI (public key infrastructure)


• 5 years of experience with PKI processes and governance; establishment of PKI processes and PKI governance


• 5 years of program management experience (start to finish)


• 5 years of experience using modern cryptography and its common applications, such as - PKI, TLS 1.2/1.3, RSA/ECC cypher suites, DH key establishment, EST, OCSP, etc

Preferred

• Proficiency in a broad set of IT/OT network and system architectures, platforms, and tools


• Familiarity with cyber risk frameworks and standards such ISA/IEC 62443 and UL 2900


• Impeccable reputation for ethical security behavior and trust within the security community; ability to obtain Federal security clearance


• Articulate and persuasive with the ability to build trust with stakeholders and explain complex security topics to all audiences


• Skilled in analyzing, assessing, and constructing tools to collect insight into product related PKI metrics


• Professionalism and a proven track record of successful collaboration solving problems


• Familiarity with Operational Technologies and automation control systems


• PMP or equivalent experience


• OSCP, CEH, CSSLP or related hands-on cybersecurity certifications

Johnson Controls is a global diversified technology and multi industrial leader serving a wide range of customers in more than 150 countries. Our commitment to sustainability dates back to our roots in 1885, with the invention of the first electric room thermostat. We are committed to helping our customers win everywhere, every day and creating greater value for all of our stakeholders through our strategic focus on buildings.

Johnson Controls is an equal employment opportunity and affirmative action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, protected veteran status, status as a qualified individual with a disability, or any other characteristic protected by law. For more information, please view EEO is the Law. If you are an individual with a disability and you require an accommodation during the application process, please visit www.johnsoncontrols.com/tomorrowneedsyou.