Product Security Governance Leader

Job Description

Job Description

Join a cutting-edge aerospace product security team shaping the future of secure flight systems and defense technologies. The Product Security Governance and Risk Leader will be responsible for establishing, leading, and continuously improving Honeywell Aerospace's product security governance framework. This role ensures that all aerospace products meet stringent cybersecurity, safety, and compliance requirements across their lifecycle. The leader will act as a bridge between engineering, compliance, and executive leadership, driving secure-by-design principles and regulatory adherence in a highly complex, global environment.

Responsibilities
As a key leader in our growing product security team, you'll leverage your proven experience and...

Governance & Strategy

• Define and implement Honeywell Aerospace's product security governance framework aligned with industry standards (DO-326A, DO-356A, CRA, Part IS, NIST, etc.).
• Develop policies, procedures, and metrics to measure product security maturity across programs.
• Lead risk management processes for product cybersecurity, ensuring proactive mitigation strategies.
• Compliance & Regulatory Oversight
• Ensure compliance with FAA, EASA, DoD, and other global aerospace cybersecurity regulations.
• Partner with legal and compliance teams to monitor evolving regulatory landscapes and integrate requirements into product development.

Cross-Functional Leadership

• Collaborate with engineering, IT, supply chain, and program management to embed security governance into product lifecycle processes.
• Drive secure development practices, including threat modeling, vulnerability management, and secure coding standards.
• Audit & Assurance
• Lead internal and external audits related to product security governance.
• Establish reporting mechanisms for executive leadership and regulatory bodies.

Training & Culture

• Champion a culture of security awareness across engineering and product teams.
• Develop training programs to ensure compliance with governance policies.

Qualifications
YOU MUST HAVE

• 5 + years managing governance and risk portfolios.
• Knowledge of product cybersecurity standards.
• Experience with risk management, audit processes, and executive reporting.
• Knowledge of product cybersecurity risk frameworks.
• Strong leadership, communication, and stakeholder management skills.
• Ability to influence across global, cross-functional teams.

WE VALUE

• Bachelor's degree in Computer Science, Cybersecurity, Engineering, or related field.
• Knowledge of Secure Software Development Lifecycle (SSDLC),
• Knowledge of Secure System Development Lifecycle
• Experience with product security lifecycle
• Black Belt/Six Sigma Experience
• Experience with product level Governance Risk and Compliance (GRC)
• Experience understanding and mapping control frameworks cross-functionally (cloud, infrastructure, product)
• Good communication and leadership skills
• Good interpersonal skills with the ability to facilitate diverse groups, help negotiate priorities, and resolve conflicts among project stakeholders
• Certifications in security and privacy demonstrating deep practical knowledge such as CISSP/CISM/ CGRC

Due to compliance with U.S. export control laws and regulations, candidate must be a U.S. citizen, U.S. permanent resident, or have asylum or refugee status in the U.S.