Associate Tech Lead-Cybersecurity
At Trane TechnologiesTM and through our businesses including Trane® and Thermo King®, we create innovative climate solutions for buildings, homes, and transportation that challenge what’s possible for a sustainable world. We're a team that dares to look at the world's challenges and see impactful possibilities. We believe in a better future when we uplift others and enable our people to thrive at work and at home. We boldly go.
Job Summary
Trane Technologies is seeking a Cyber Security ATL our control product offerings to achieve our connected strategy. You will be responsible for leading a team of Red/Blue team which involves in conducting assessments of our product offerings to identify and mitigate security vulnerabilities. You will also be responsible for leading the development and implementing pen testing standards and procedures, as well as participating in architectural reviews and threat modeling exercises.
Responsibilities and Duties
- Managing Cybersecurity services specific to core platform system security, to include but not limited to
- Provide subject-matter-expertise in the discipline of Core Platform security to Cybersecurity operational teams, central technology engineering groups, enterprise architecture and line of business cyber security leader.
- Drive adoption of secure hardening and configuration practices in the systems security deployment cycle throughout central technology and line of business technical engineering teams, worldwide
- Provide consultancy for secure system design, development, engineering and operation.
- Manage program budget and financials.
- Manage program communications & status reporting.
- Identify and help implement continuous process enhancements/improvements to Cybersecurity Operations
- Coordinate resources (staff, equipment, vendors and consultants) across projects, managing the budget for assigned project(s), monitoring project progress (risks & issues) and adjusting resources and priorities accordingly.
- Prepare and present progress reports for management and ensure technologies are integrated properly to support the objectives of the Firmwide Cybersecurity Program.
- Contribute to the development of workflows to support the transition of strategic plans into practical implementation plans.
- Educate and implement security practices as a standard from the inception of the work.
- Managing standards, methodologies, procedures and manuals for Trane Technologies Software Development Lifecycle
- Managing security and vulnerability remediation expertise to technology stakeholders and partners.
- Provide guidance, insights or direction on technological, cyber security and policy related topics.
Qualifications and Skills
- Bachelor's degree/MTech with an emphasis on cyber security.
- Minimum 12+ years of overall experience in SDLC, security management and engineering expertise, Application Security, Network Security, Mobile Security, Software Security etc.
- Strong understanding of operational technology principles, concepts and techniques, system security vulnerability assessment and penetration testing for operational technology.
- Expertise in leading security projects (including reviews, tool development, and security best practices)
- Experience with severity ratings systems, and ability to calculate CVSS ratings for identified vulnerabilities.
- Knowledge of penetration testing techniques, application security vulnerabilities, OWASP Top 10, SANS 25, CWE, etc.
Preferred Certifications
- CISSP, OSCP, CISM, PMP, ITIL, CISA, IAM, CCSP, ISO, PMI
We offer competitive compensation and comprehensive benefits and programs. We are an equal opportunity employer; all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, pregnancy, age, marital status, disability, status as a protected veteran, or any legally protected status.