The candidate will be principally responsible for working with Honeywell’s suppliers to advance and confirm Honeywell’s security requirements with its suppliers. Additional responsibilities include supplier risk assessment, exception analysis and compliance tracking.

• Follow processes and procedures to review and ensure adherence to established practice including:
  • Initiate, reconcile and validate supplier security questionnaire responses
  • Review/confirm advancement of applicable security controls
  • Respond to internal and external questions regarding applicable security controls
• Prepare and conduct risk assessment reviews and reports of supplier provided material including assessment responses and system and organization controls (SOC) reports
• Prepare reports on a weekly and monthly basis (assessment status, findings, etc)
• Maintain records for security exhibit negotiation (including emails and approved documents)
• Provide timely responses (SLA is 3 business days)
• Upload working documents, including correspondence, into the respective applications

• Broad information security experience
• Advanced English writing and speaking
• Proficient project management best practices

Skills Desired

• Strong technical writing and public speaking
• Audit/assessment experience
• People management experience

Qualifications:

• Must be able to think and function in a global marketplace
• Must have excellent verbal and written communications skills 
• Must be a self-starter, with limited supervision & be able to work effectively in a global diverse environment
• Must be results focused
• Preference will be given for the following certifications: Security+, CISA, CISM, CISSP, CRISC, PMP
• Preference will be given to applicants with knowledge of global laws and regulations: SOX, PCI, HIPAA, ITAR/EAR, Data Privacy, EU Guidance
• Preference will be given to applicants with knowledge of best practices: CoBIT, ISO, ITIL

Basic Qualifications

Education Required: B.S. in Business Information Systems or similar degree required or equivalent experience.

Experience required:  3+ years of information security experience. Prefer those with additional experience in risk assessment, contract negotiation and security compliance.