Advanced Security Program Manager - Johnson Controls

Key Responsibilities

• Design, implement, and continuously improve a comprehensive security program that supports mission‑critical facilities such as data centers, healthcare, and advanced manufacturing.
• Drive risk assessments, threat modeling, and remediation planning in accordance with ISO 27001, NIST CSF, and other industry standards.
• Partner with cross‑functional teams to embed security controls into cloud, IoT, and building‑automation platforms.
• Lead incident response coordination, post‑mortem analysis, and lessons‑learned integration.
• Develop and deliver security metrics, dashboards, and executive reporting to demonstrate program effectiveness.

Requirements

• 5+ years of experience managing enterprise‑wide security programs, preferably in industrial or building‑systems environments.
• Deep knowledge of ISO 27001, NIST Cybersecurity Framework, and related compliance regimes.
• Hands‑on experience with cloud security architectures (AWS, Azure, or GCP) and Identity & Access Management solutions.
• Proven ability to lead cross‑functional teams, influence senior stakeholders, and communicate complex security concepts clearly.
• Relevant certifications such as CISSP, CISM, or ISO 27001 Lead Implementer are strongly preferred.