• Develop and execute application security strategy, including threat modeling, secure code review practices, and vulnerability management • Establish and maintain secure software development lifecycle practices and standards across all engineering teams • Oversee vulnerability management programs including triage, remediation tracking, and executive reporting • Manage the application security tool portfolio including SAST, DAST, and software composition analysis platforms • Lead threat modeling and architectural security reviews for critical systems and new initiatives • Coordinate third-party security assessments, penetration testing, and code reviews • Drive security awareness and training programs tailored to developer and architect audiences • Establish KPIs and executive dashboards to communicate application security posture and risk trends • Partner with Engineering, DevOps, and Product leadership to embed security into CI/CD pipelines and release processes • Define and enforce application security policies, standards, and control frameworks • Evaluate and respond to emerging threats, CVEs, and industry developments relevant to application security • Lead, mentor, and grow a team of application security engineers

• As a Senior Account Manager here at Honeywell, you will be responsible for managing and growing key customer accounts, ensuring customer satisfaction, and driving revenue growth. • You will act as the primary point of contact for clients, developing strong relationships and understanding their business needs to provide tailored solutions. • In this role, you will impact Honeywell’s market presence and revenue by fostering long-term partnerships with clients and delivering exceptional account management and business development strategies. • Note that this role requires travel up to 50% domestically.

• Architect and implement guardrails for tool-using AI systems, including: • Tool access controls and allowlists • Context and memory isolation • Step-level validation of agent actions • Apply mitigations aligned to the OWASP Agentic AI Top 10 (e.g., prompt injection, unsafe tool use, data leakage, excessive autonomy) • Build enforcement mechanisms that govern AI behavior at execution time: • Interceptors, proxies, or middleware for tool/API calls • Policy decision and enforcement layers • Rate limits, execution bounds, and kill-switches • Design and implement identity and access controls for agents and automation, including: • Short-lived credentials and scoped permissions • Clear separation between human and non-human access • Strong binding of identity to task context and execution • Ensure all AI actions are attributable and auditable • Implement logging and tracing for AI activity: • Prompts, tool usage, and decision flows • Build detection capabilities using: • Behavioral baselining and anomaly detection techniques • Identify and alert on: • Abnormal tool usage • Suspicious prompt patterns • Unexpected data access • Perform agentic system threat modeling using MAESTRO, including: • Mapping agent capabilities, trust boundaries, and attack paths • Modeling misuse and adversarial scenarios • Translate findings into practical safeguards and detection logic • Protect developers using AI tools by: • Preventing sensitive data exposure • Validating AI-generated code and actions • Constraining unsafe automation

• Lead threat modeling, hardening and operation of security services • Define and implement security standards and automated security controls • Partner with cross-functional teams to embed secure design practices • Lead technical direction and roadmap execution for assigned area • Maintain high Operational Excellence to minimize downtime • Participate in on-call rotation to respond to events • Manage lifecycle of product and cloud security vulnerabilities • Influence secure adoption of LLMs and AI tools • Mentor and coach earlier career engineers