Chief Product Security Engineer

At Trane TechnologiesTM and through our businesses including Trane® and Thermo King®, we create innovative climate solutions for buildings, homes, and transportation that challenge what’s possible for a sustainable world. We're a team that dares to look at the world's challenges and see impactful possibilities. We believe in a better future when we uplift others and enable our people to thrive at work and at home. We boldly go.

As a Senior Leader and key Subject Matter Expert of the Product Security Team, the Chief Product Security Engineer will play a critical role in ensuring the security of the company’s products and the protection of customer data. An opportunity to build and mature company-wide Product Security capability from the ground up, this role is the leading technical voice to build and mature the product security capability / discipline across the Trane Technologies enterprise. The Chief Product Security Engineer will work closely with development and engineering teams to ensure that security is integrated into all aspects of the product lifecycle. This role reports directly to the Director, Product Security Assurance.

This role has been designated as Virtual. Work can be done from anywhere in the United States.

Principal Responsibilities

• Define standard work and business operating standards for Product Security for existing and new product development projects.
• Represent the company in industry groups and forums on product security. Educate and influence product engineering teams on good cybersecurity practices and their role in the product security program.
• Servant Leadership and Emotional Intelligence to help build and shape an Enterprise-wide Product Security Team from the ground up.
• Identify, create, and /or provide regular training to development teams on secure coding practices and security best practices.
• Identify and shape the design and implementation of security features for new products.
• Work with development teams to recommend the appropriate security controls.
• Stay up to date on emerging security threats and trends and provide recommendations for improving the security of the company’s products.
• Support and conduct regular security assessments of the company’s products through the engineering gate process across the entire product lifecycle including threat modeling, architectural analysis, and other reviews.
• Support in the Identification, assessment, and remediation of potential vulnerabilities in the company’s products.
• Recommend and identify current and future Product Security Best Practices, Technologies, and Capabilities.
• Influence and lead our collective enterprise-wide product security engineers and provide guidance on secure development processes, security assessments, and remediation efforts.

Candidate Profile/Qualifications

• Required: Ability to effectively communicate complex security concepts to technical and non-technical stakeholders.
• Travel: 10-20%
• Bachelor’s, MS or PhD engineering degree and a minimum of 7-10 years of equivalent experience.
• Required: Knowledgeable in Product Security and experience in applying it to the full engineering lifecycle is required.
• Preferred: Expertise in common product cybersecurity frameworks including ISO/IEC 27001, IOXT, NIST (National Institute of Standards and Technology), IEC 62443

We offer competitive compensation and comprehensive benefits and programs. We are an equal opportunity employer; all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, pregnancy, age, marital status, disability, status as a protected veteran, or any legally protected status.