Cybersecurity & Application Specialist

Country: United States of America

Location: CAM60: Sensitech, Inc 800 Cummings Center, Beverly, MA, 01915 USA

Carrier Global Corporation, global leader in intelligent climate and energy solutions, is committed to creating solutions that matter for people and our planet for generations to come. From the beginning, we've led in inventing new technologies and entirely new industries. Today, we continue to lead because we have a world-class, diverse workforce that puts the customer at the center of everything we do. For more information, visit corporate.carrier.com or follow Carrier on social media at @Carrier.

About This Role:

The Cybersecurity & Application Specialist operates independently, conducting multidisciplinary research and performing System Capability Analyses to assess end-user requirements. The role primarily focuses on ensuring the security of Sensitech’s products and digital environments by collaborating with product owners and development teams to identify, prioritize, and address security-related issues. Additionally, the specialist provides assurance, both internally and externally, to demonstrate the robustness of security measures in place. This position also interfaces directly with the Quality department, serving as the primary administrator for system access and permissions, and acting as the lead for configuration support within the electronic Quality Management System (e-QMS)

Job Description:

Collaborate with Carrier cybersecurity teams to ensure compliance with established security standards and frameworks

Coordinate and interpret the outcomes of internal and external penetration tests, ensuring timely resolution of identified issues

Support compliance efforts, including completing cybersecurity questionnaires and participating in on-site audits

Oversee scheduling and completion of audits and ongoing security assessments of software and IT environments

Working with teams to prioritize and schedule findings from internal security audits, penetration testing, and external penetration testing

Scheduling penetration tests with Carrier approved security vendors, analysis of results with any findings and working with product owners and teams to schedule work

Provide real-time support during external audits by directly participating in and addressing auditor inquiries

Develop and maintain slide decks that are cybersecurity focused which provide a high-level external entity-centric view of security architecture intended to answer security questions but not expose IP / detailed infrastructure

Respond to RFP/RFQ-related cybersecurity questions and ensure alignment with customer expectations

Serve as a point of contact with Carrier’s corporate cybersecurity team to align the best practices, tool usage, audit scheduling, and overall security strategy for new and existing products

Act as liaison between the Quality department and Compliance Quest (e-QMS) regarding user access, permissions, and system functionality

Serve as a subject matter expert (SME) in e-QMS processes and functionality

Provide configuration support for specific e-QMS modules based on organizational needs

Create and maintain a centralized knowledge base to capture frequently asked questions and guidance related to system usage and security

Required Qualifications:

Bachelors of Science

3+ years of experience in Quality role in a medical technology/pharmaceutical company

2+ years of experience CAQ knowledge

3+ years of experience in ISO 9001:2015

3+ years of experience in ISO 27001:2022

2+ years of experience working with MS SQL Server or Postgres

3+ experience working with public cloud providers such as Microsoft Azure or AWS

Preferred Qualifications:

Bachelors of Science in Computer Science or Information Systems

1+ years of experience working with project management tools such as Jira, Rally, or TFS is preferred

Knowledge of cybersecurity standards and principles, including secure coding practices, OWASP guidelines, and vulnerability assessment

Excellent communication skills

Strong SOA and distributed computing experience

Experience working with microservices architectures

Experience working in a distributed team environment

Experience building and supporting a SaaS software platform

Active interest in new technologies and emerging engineering practices

RSRCAR

#LI-onsite

Carrier is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or veteran status, or any other applicable state or federal protected class. Carrier provides affirmative action in employment for qualified Individuals with a Disability and Protected Veterans in compliance with Section 503 of the Rehabilitation Act and the Vietnam Era Veterans’ Readjustment Assistance Act.

Job Applicant's Privacy Notice:

Click on this link to read the Job Applicant's Privacy Notice

30181293