Senior Cyber Security Architect - PKI (Finance)

.Join a cutting-edge aerospace product security team shaping the future of secure flight systems and defense technologies. We're seeking an experienced and highly skilled security engineering minded software developer to help maintain and reinvent internal tools that support cybersecurity workflows, risk assessments, and technical collaboration. This role emphasizes crafting intuitive, robust solutions that empower engineers and cybersecurity analysts across product lifecycles-balancing usability, availability, compliance, and performance.

You'll work directly with cybersecurity SMEs, systems engineers, and risk managers to design toolsets that reduce friction, elevate transparency, and accelerate decision-making in product security and compliance processes.

Honeywell is seeking a seasoned Public Key Infrastructure (PKI) and Key Management Services (KMS) expert to advance the security foundation of our aerospace technologies. As a Senior Advanced Individual Contributor, you will architect, implement, and govern robust cryptographic infrastructure across product platforms, engineering environments, and global tooling solutions.

This role is deeply hands-on and ideal for an expert passionate about securing mission-critical systems in high-assurance domains. You will collaborate with cybersecurity architects, systems engineers, and tooling teams to ensure secure software releases, identity management, and digital trust across complex ecosystems.

Key Responsibilities

• Design, implement, and maintain PKI and KMS solutions to support Honeywell Aerospace's internal tooling, product development, and secure engineering operations
• Define certificate lifecycle management policies, root CA/ICA hierarchy strategy, and revocation protocols for production and test environments
• Integrate cryptographic functions into DevSecOps pipelines and software release processes to ensure code signing, secure configuration management, and secure boot
• Support encryption, authentication, and identity validation across internal tools, CI/CD platforms, and engineering workflows
• Lead technical investigations and audits related to certificate compromise, key misuse, or unauthorized access
• Partner with risk, compliance, and cybersecurity teams to meet NIST, DO-326A, and other aerospace-relevant standards
• Evaluate emerging crypto technologies and recommend modernization strategies for legacy tooling
• Provide mentoring and guidance to junior engineers across cybersecurity and engineering functions

In addition to a competitive salary, leading-edge work, and developing solutions side-by-side with dedicated experts in their fields, Honeywell employees are eligible for a comprehensive benefits package. This package includes employer subsidized Medical, Dental, Vision, and Life Insurance; Short-Term and Long-Term Disability; 401(k) match, Flexible Spending Accounts, Health Savings Accounts, EAP, and Educational Assistance; Parental Leave, Paid Time Off (for vacation, personal business, sick time, and parental leave), and 12 Paid Holidays .For more Honeywell Benefits information visit: https://benefits.honeywell.com/

The application period for the job is estimated to be 40 days from the job posting date; however, this may be shortened or extended depending on business needs and the availability of qualified candidates.

Must be a US Citizen due to contractual requirementsAs a Sr Advanced Cyb Sec Archt/Engr here at Honeywell, you will design, implement, and maintain advanced cybersecurity solutions, collaborating with teams to ensure the security and resilience of our digital infrastructure. You will report directly to our Director Cyber Security and you'll work out of our Phoenix, AZ location on a Hybrid work schedule.YOU MUST HAVE

• 6 years in cybersecurity and cryptographic services with direct PKI/KMS domain expertise
• Expertise in maintaining and providing code signing capabilities
• Deep understanding of X.509, certificate authorities, OCSP, key rotation, HSM integration, and secure key storage
• Hands-on experience with tooling integration: e.g., Smartcards, TPMs, encrypted containers, and automation platforms
• Proven success designing secure architectures in regulated environment (e.g., aerospace, defense, critical infrastructure)
• Expertise in secure software lifecycle practices and DevSecOps environments
• Experienced with Java/Groovy, LINUX OS, and Ansible
• Experienced in assisting stakeholders with adoption and integration of PKI capabilities into product

WE VALUE

• Bachelor's degree or equivalent experience
• Passion for working with development teams to make more secure, harder to defeat products
• Good interpersonal skills with the ability to facilitate diverse groups, help negotiate priorities, and resolve conflicts among project stakeholders
• Hands-on experience with Black Duck Hub, secure Jira workflows, and release signing automation
• Background in internal tooling development and secure engineering enablement
• Experience in deploying HSMs and KMS solutions in cloud, hybrid and on-prem environments
• Contributions to PKI governance models and enterprise crypto policies
• Good interpersonal skills with the ability to facilitate diverse groups, help negotiate priorities, and resolve conflicts among project stakeholders
• Familiarity with regulatory requirements and cryptographic compliance standards (FIPS 140-2, NIST 800 series, DO178-C security addenda)
• Certifications in security and privacy for example Certified Encryption Specialist (ECES), GIAC Cryptography and Crypto Foundations (GCF)
• Understanding of Agile software development practices

Key Responsibilities

• Design, implement, and maintain PKI and KMS solutions to support Honeywell Aerospace's internal tooling, product development, and secure engineering operations
• Define certificate lifecycle management policies, root CA/ICA hierarchy strategy, and revocation protocols for production and test environments
• Integrate cryptographic functions into DevSecOps pipelines and software release processes to ensure code signing, secure configuration management, and secure boot
• Support encryption, authentication, and identity validation across internal tools, CI/CD platforms, and engineering workflows
• Lead technical investigations and audits related to certificate compromise, key misuse, or unauthorized access
• Partner with risk, compliance, and cybersecurity teams to meet NIST, DO-326A, and other aerospace-relevant standards
• Evaluate emerging crypto technologies and recommend modernization strategies for legacy tooling
• Provide mentoring and guidance to junior engineers across cybersecurity and engineering functions

About Us

Honeywell helps organizations solve the world's most complex challenges in automation, the future of aviation and energy transition. As a trusted partner, we provide actionable solutions and innovation through our Aerospace Technologies, Building Automation, Energy and Sustainability Solutions, and Industrial Automation business segments - powered by our Honeywell Forge software - that help make the world smarter, safer and more sustainable.