Our Ability Jobs

Job Information

Trane Technologies DevSecOps Architect in St Paul, Minnesota

At Trane Technologies TM and through our businesses including Trane ® and Thermo King ® , we create innovative climate solutions for buildings, homes, and transportation that challenge what’s possible for a sustainable world. We're a team that dares to look at the world's challenges and see impactful possibilities. We believe in a better future when we uplift others and enable our people to thrive at work and at home. We boldly go.

Thrive at work and at home:

  • Benefits kick in on DAY ONE for you and your family, including health insurance and holistic wellness programs that include generous incentives – WE DARE TO CARE !

  • Family building benefits include fertility coverage and adoption/surrogacy assistance.

  • 401K match up to 6%, plus an additional 2% core contribution = up to 8% company contribution.

  • Paid time off, including in support of volunteer and parental leave needs.

  • Educational and training opportunities through company programs along with tuition assistance and student debt support .

  • Learn more about our benefits here (https://careers.tranetechnologies.com/global/en/benefits) !

Be a part of our mission! As a world leader in creating comfortable, sustainable, and efficient environments, it’s our responsibility to put the planet first. For us at Trane Technologies, sustainability is not just how we do business—it is our business. Do you dare to look at the world's challenges and see impactful possibilities? Do you want to contribute to making a better future? If the answer is yes, we invite you to consider joining us in boldly challenging what’s possible for a sustainable world.

If this sounds exciting to you, read on to learn more about who we are and what we believe in:

We uplift others – we believe in providing an opportunity for all and building a culture that is diverse, inclusive, and respectful. We lift each other up and care about the success and well-being of others.

We make an impact – we believe that what we do has the potential to change the world. We succeed together by striving daily to create a lasting, positive impact on the planet.

We thrive at work and at home – we are supported by meaningful benefits, compensation, learning and development solutions, and opportunities for rewarding careers. We are firmly committed to the well-being and safety of our people.

This role has been designated as a Hybrid work schedule and will be based out of our St. Paul, MN location.

As a DevSecOps, you will be responsible for working with other BAS control and software development team members to identify business, technology and cloud offerings security, risks, and vulnerabilities in the early stages and embed security requirements to address and validate them. Conduct security assessments of systems in development where the assessment activities will include threat modeling, attack modeling, security DFMEA, vulnerability assessment, SIEM, triaging, and reporting. You’ll also provide subject matter expertise across technologies and practices to meet customer requirements for rapid service delivery, reliability and innovation.

Support activities with product architects, system engineers, developers, and testers to implement secure designs and deployments by employing secure communications, network/device/SIEM access control, authentication, authorization, network defense (IDS, IPS), cryptography, audit, forensics, and anomaly and misuse detection to provide information security (integrity, confidentiality, availability, and non-repudiation).

This DevSecOps Architect must have relevant programmatic, hands-on technical expertise based upon the platform service provided.

Core Job Responsibilities (others may be added):

• Define and develop Secure DevOps, CI/CD to manage, execute releases and cloud deployments.

• Engage with teams to conduct security risk assessments and conform to organizational remediation/mitigation timelines in different phases of the secure product development lifecycle

• Provide product security support to development teams, including reviewing and explaining security tools and processes, providing vulnerability explanations and remediation guidance

• Optimize product/system security by creating and reviewing architecture and detailed design solutions that reflect best practices

• Define and develop centralized Security Data Management - Security Lake/Hub and active Security Monitoring and notification services

• Coordinate product security program metrics and reporting

• Support ongoing vulnerability and patch management through tracking, triaging and prioritizing across all digital offerings to minimize the potential security risk

• Help drive all digital platform requirements to meet the regulatory and compliance requirements (like GDPR, ISO, ISA/IEC, SOC2, TXRAMP, and FedRAMP)

• Partner with third-party vendors to deliver software security tools and services

• Partner closely on security operations tasks with cross-functional teammates in IT, DevOps, Security, Engineering, Compliance, and Test

● Identify the design security implications within a digital platform and IoT edge system and work with teams to minimize the security attack surface

● Influence program decisions to reduce the risk exposure of the company

● Participate in Zero-day remediation, Hotfixes, and Incident Response efforts

● Identify and review test coverage for the security aspects of the system

● Assist in responses to external audits, customer questionnaires, penetration tests and vulnerability assessments

● Self-motivated to stay engaged with the market on new security products, threats and vulnerabilities and to apply innovative approaches in technology, marketing and service operations to meet those needs.

Basic Qualifications

● Bachelor's or Master's degree in Computer Science (or equivalent technical experience with an emphasis on cyber security)

● 8+ years of cumulative experience in Cybersecurity for application development in Application, Network, Mobile, and Cloud Technologies.

● 5+ years of expertise in cloud-based service, data centers, cloud-native architecture(AWS, AWS Serverless, Azure, IoT Edge Systems, IoT Device Shadow, IoT Rules, API Gateway, CloudFormation Template), operations, and security best practices

● Strong knowledge of Application Security, Security Architecture and Security Assessment: Threat Modeling, Secure Development, Risk Assessment, Threat Analysis, DFMEA, Penetration Testing, and Secure software development lifecycle (SSDLC, SDL, SSDF).

● Strong knowledge of security containers, hands-on experience with DevSecOps principles, and end-to-end DevSecOps processes

● Strong knowledge of OpenSSL, IoT Core/Edge, TLS mutual authentication, KMS, PKI, digital signatures, and certificate management

● Experience in implementing and integrating security tools into CI/CD - with various application security tools, including SAST, SCA, IAST, DAST, API Security, WAF, Shield, and RASP

● Experience in architecting solutions using AWS Cloud native technologies such as, AWS Amplify, S3, SNS, SQS, Lambda, DynamoDB, Cognito and AWS AppSync is required

● Experience with Agile methodologies such as Scrum and Kanban

● Ability to research, develop, and keep abreast of tools, techniques, and process improvements in support of security detection and analysis following current and emerging threats

● Knowledge of penetration testing techniques, application security vulnerabilities, OWASP Top 10, SANS 25, CWE, etc.

● Knowledge of Security Industry Standards and Frameworks: e.g., NIST, ISA/IEC, GDPR, SOC2, FedRAMP

● Excellent verbal and written communication skills, with the ability to communicate to all levels of the organization.

Preferred Qualifications

● Familiar with DISA STIG assessment and implementation for Cloud, IoT systems

● Desirable certification(s): AWS Solutions Architect Professional, AWS Certified DevOps Engineer, GCLD, GSOC, GDSA, CDA or any other relevant cloud security certifications.

We offer competitive compensation and comprehensive benefits and programs. We are an equal opportunity employer; all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, pregnancy, age, marital status, disability, status as a protected veteran, or any legally protected status.

We are committed to achieving workforce diversity reflective of our communities. We are an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identify, national origin, pregnancy, age, marital status, disability, status as a protected veteran, or any legally protected status.