Johnson Controls is powered by your talent. We are the power behind the customer mission. Together we are building a world that’s safe, comfortable and sustainable. Our diverse global team creates innovative, integrated solutions to make cities more connected, buildings more intelligent and environments more comfortable and secure. We are all about improving outcomes for our partners. Tomorrow needs your talent. Tomorrow needs you. So let’s talk today.

The future is being built today, and we are making that future more productive, more secure, and more sustainable. We are harnessing the power of cloud, data analytics, the Internet of Things, and user design thinking to deliver on the promise of intelligent buildings and smart cities that connect communities in ways that make people’s lives – and the world – better.

We create smart building cybersecurity solution design and deployment. We promote effective risk management for secure digital and connected solutions across their operational lifecycle.

What you will do

You will lead the Product Security Incident Response (PSIR) processes for our security products companies including intrusion detection, video surveillance and access control systems.  This includes day to day execution as well as overall process and program leadership in responding successfully to product application security vulnerabilities including coordination between product teams and cybersecurity researchers. Our team is accountable for all playbooks and the corporate PSIRT plan. You will collaborate with our Product Security Architects and Champions to triage, respond, and escalate product risk issue and track to completion.

How you will do it

• Lead critical product security incident response events, coordinating multiple corporate functions including legal affairs, public relations, and product engineering.


• Lead colleagues in performing the intake, initial analysis, and execution of initial product security incident response (PSIR) activities including product vulnerability reports as well as customer site security critical issues.


• Lead continuous improvement of PSIR program in crafting, auditing, and improving PSIR Program documentation and communications results to include the PSIR Plan, playbooks, procedures, and Product Security Advisory content


• Ensure program is working efficiently with Secure Development Lifecycle (SDL) program, product service areas, product management and sales.


• Manage the response to inquiries from a variety of public and internal partners seeking assistance from our team.


• Manage relationships with government and private sector industry organizations as well as the security researcher community.


• Lead PSIR tabletop exercises with business units


• Lead content development for PSIR training materials.


• Collaborate in continued development of PSIRT tools and technologies


• Collaborate with industry and thought leadership groups

What we look for:

• Bachelor’s degree in Cybersecurity, Computer Science, Engineering, Information Systems, or related 2-year technical degree or equivalent experience.


• Minimum of 8 years of total experience with at least 2 years in a product security role.


• Must be a US Citizen.


• Current knowledge of emerging cyber security, technologies, threats, and vulnerabilities.


• Excellent interpersonal skills including written and verbal including the management of crisis response efforts.


• Excellent organization, project management approach


• Results oriented, motivated self-starter with high a level of initiative to drive tasks to completion and a desire for continuous learning.


• Strong interest in technology in general and specifically cybersecurity


• Attention to detail and passion for efficient data management and activity tracking.


• Strong analytical and problem-solving skills.


• Proven track record to work as a member of an interdisciplinary team in a collaborative and positive manner.


• CISSP, CISA or related cybersecurity and project management certifications are a plus.

Johnson Controls is an equal employment opportunity and affirmative action employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, protected veteran status, status as a qualified individual with a disability, or any other characteristic protected by law. For more information, please view EEO is the Law. If you are an individual with a disability and you require an accommodation during the application process, please visit www.johnsoncontrols.com/tomorrowneedsyou.