General Counsel, Cyber Security & Government Contracts

JOB DESCRIPTION

Honeywell is hiring for a General Counsel, Cyber Security & Government Contracts to lead the cybersecurity/government contracts legal practice across the Honeywell Technologies business. This role is the enterprise's principal legal advisor on cybersecurity risk, product security, government contracts, incident response, and security regulatory compliance, providing strategic counsel across business segments and corporate functions.

The position carries both strategic and operational weight: shaping enterprise policy while managing day-to-day legal risk where a single compliance failure can trigger regulatory enforcement, loss of customer trust, or disruption to business operations. The role partners closely with the CISO, CTO, engineering, IT, product security, and commercial teams to embed legal and compliance considerations into product development, incident response, and business operations and advises on U.S. government contract regulations (FAR/DFARS/DPAS/domestic sourcing requirements), contract negotiations, risk management, and compliance.

This position operates at an executive level in the Law Department with significant influence on legal and business strategy and has a Government Contracts Analyst reporting to it.

You will report directly to our VP & GC Data Privacy with a matrix report to the VP & GC Regulatory and Legal Transformation and you’ll work out of our Charlotte, NC location on a hybrid work schedule.

Why This Role Matters

Cybersecurity threats and data governance obligations are growing in complexity and consequence across Honeywell Technologies’ global operations. From coordinated vulnerability disclosure and product security to SEC cyber incident reporting, this role ensures Honeywell meets its legal obligations while enabling the business to operate at speed. It also protects revenue and mission-critical customer relationships by ensuring compliant performance under FAR/DFARS and related government contract requirements, reducing the risk of audits, claims, bid protests, or loss of eligibility to compete.

ABOUT US

Honeywell helps organizations solve the world's most complex challenges in automation, the future of aviation and energy transition. As a trusted partner, we provide actionable solutions and innovation through our Aerospace Technologies, Building Automation, Energy and Sustainability Solutions, and Industrial Automation business segments – powered by our Honeywell Forge software – that help make the world smarter, safer and more sustainable.

RESPONSIBILITIES

Key Responsibilities

Cybersecurity Legal

• Serve as a standing member of the Cybersecurity Incident Response Team, coordinating legal risk management, privilege strategy, regulatory assessment, and communications during cyber incidents.
• Advise the CISO and cybersecurity team on legal requirements for incident detection, response, notification, and remediation, including mandatory reporting timelines under federal, state, and international breach notification laws.
• Counsel on secure product development, coordinated vulnerability disclosure (PSIRT), and regulatory readiness across the product lifecycle, including compliance with the EU Cyber Resilience Act (CRA) and NIS2 Directive.
• Partner with GRC on maintaining Honeywell’s information security management system, policies, certifications, and customer-facing assurances in light of legal and contractual obligations, including ISO 27001, SOC 2, and technical and organizational measures incorporated into data processing agreements.
• Structure and negotiate information security terms in agreements with customers, suppliers, and commercial partners and support security terms, due diligence and integrations in M & A.
• Monitor and interpret emerging cybersecurity and legislation affecting government contracting at the federal, state, and international level.
• Own the legal dimensions of CMMC, NIST SP 800-171/800-53 compliance, and DFARS 252.204-7012 obligations for controlled unclassified information (CUI).

Government Contracts Legal

• Advise business and legal stakeholders on U.S. government contract compliance, including FAR, DFARS, DPAS, domestic preference requirements (including BAA, TAA, BABA, FTA BA), and related government contracting obligations.
• Develop, maintain, and enhance government contract compliance policies, procedures, tools, and guidance to support compliance program, business operations, and risk management.
• Monitor and assess regulatory developments, including FAR/DFARS updates, proposed DFARS rules, FASCSA prohibitions, and other emerging U.S. government compliance requirements.
• Lead legal oversight of government contract compliance, including supplier/product screening (e.g., domestic preference, FASCSA, NDAA 889) and approval of representations, certifications, and contract requirements.
• Drive enterprise compliance processes and governance, including automation (e.g., iValua), KPI/KRI reporting, audits and site risk assessments, SAM.gov/CAGE maintenance, and continuous improvement initiatives.
• Serve as a strategic legal partner by delivering training and guidance, supporting investigations and remediation, and coordinating with cross‑functional stakeholders and outside counsel to advance compliance strategy.

Critical Skills

• Established expertise in cybersecurity law and government contracts law with demonstrated ability to influence senior leadership.
• Deep working knowledge of NIST SP 800-171/800-53, CMMC, DFARS 252.204-7012 and related safeguarding requirements, SEC cybersecurity disclosure rules, NIS2, the EU Cyber Resilience Act, and the EU Data Act.
• Proficiency partnering with technical teams on security architecture, vulnerability management, incident response, and product security.
• Incident response and regulatory engagement experience, including breach notifications, investigations, and interactions with regulators globally.
• Deep knowledge of FAR, DFARS, DPAS, domestic preference requirements (BAA, TAA, BABA, FTA BA), reps/certs, and related U.S. government contracting obligations.
• Strong ability to counsel business, sourcing, export, cybersecurity, audit, and legal stakeholders on government contracts compliance requirements and drive practical implementation of FAR, DFARS, DPAS, domestic preference, reps/certs, and related obligations.
• Experience developing and enhancing government contracts compliance policies, procedures, tools, controls, and training programs to support regulatory implementation, strengthen compliance infrastructure, and improve organizational readiness.
• Strong contracting and drafting capability for cybersecurity and government contracts, including prime contracts, subcontracts, teaming agreements, security addenda, audit rights, and flow-down clauses.
• Working knowledge of government contractor compliance and audit frameworks (e.g., ethics and mandatory disclosure considerations, investigations, Inspector General inquiries, and DCAA/DCMA touchpoints).
• Practical understanding of cost allowability and pricing concepts common in federal contracting (e.g., allowability/allocability/reasonableness principles).
• Excellent judgment, prioritization, and stakeholder management in fast-moving, cross-functional environments (legal, compliance, security, engineering, supply chain, and commercial teams).

QUALIFICATIONS

You Must Have:

• 10+ years of relevant legal experience, including significant experience advising on cybersecurity and government contracts matters.
• J.D. (or equivalent) and admitted to practice law in a jurisdiction in the United States.
• Demonstrated ability to synthesize complex issues quickly and communicate clearly to technical and non-technical audiences.
• Proven subject matter expertise in cybersecurity and government contracts law management.
• Ensure you include GoInhouse.com as the source of the job posting when you apply.

We Value:

• Prior in-house legal experience in regulated or industrial sectors.
• Prior government experience (e.g., DOJ, FTC, SEC, DOD, Commerce Department, CISA).
• Experience with global cybersecurity and government contracts regulatory regimes, including the EU Data Act, NIS2, CRA, the FAR, the DFARS, DPAS, domestic preference requirements (BAA, TAA, BABA, FTA BA), CMMC, and GDPR.
• Experience in crisis management, including ransomware attacks and coordinated incident response.
• Investigation, litigation, and regulatory compliance experience (e.g., sanctions, export controls, government contracts).
• Strong, independent leadership and the ability to set strategic direction and execute in a matrixed organization.

BENEFITS OF WORKING FOR HONEYWELL

In addition to a competitive salary, leading-edge work, and developing solutions side-by-side with dedicated experts in their fields, Honeywell employees are eligible for a comprehensive benefits package. This package includes employer subsidized Medical, Dental, Vision, and Life Insurance; Short-Term and Long-Term Disability; 401(k) match, Flexible Spending Accounts, Health Savings Accounts, EAP, and Educational Assistance; Parental Leave, Paid Time Off (for vacation, personal business, sick time, and parental leave), and 12 Paid Holidays. For more information visit: click here

The application period for the job is estimated to be 40 days from the job posting date; however, this may be shortened or extended depending on business needs and the availability of qualified candidates.

PAY EQUITY

The annual base salary range for this position is $242,000 - $302,000. Please note that this salary information serves as a general guideline. Honeywell considers various factors when extending an offer, including but not limited to the scope and responsibilities of the position, the candidate's work experience, education and training, key skills, as well as market and business considerations.

ABOUT HONEYWELL

Honeywell Technologies (Nasdaq: HON) invents and commercializes technologies that address some of the world's most critical challenges around energy, safety, security, air travel, productivity, and global urbanization. We are a leading software-industrial company committed to introducing state of the art technology solutions to improve efficiency, productivity, sustainability, and safety in high growth businesses in broad-based, attractive industrial end markets. Our products and solutions enable a safer, more comfortable, and more productive world, enhancing the quality of life of people around the globe. Learn more about Honeywell: click here.

THE BUSINESS UNIT

The Corporate Strategic Business Group (CORP SBG) at Honeywell Technologies is a division focused on corporate-level functions and initiatives that support the overall operations and strategy of the company. It is responsible for overseeing areas such as finance, legal, human resources, communications, and corporate governance, working closely with other business units and SBGs to ensure alignment and coordination across the organization. The CORP SBG plays a crucial role in the overall strategic direction and management of Honeywell's corporate functions and operations, supporting the company's business objectives.

Honeywell is an equal opportunity employer. Qualified applicants will be considered without regard to age, race, creed, color, national origin, ancestry, marital status, affectional or sexual orientation, gender identity or expression, disability, nationality, sex, religion, or veteran status. Learn more about inclusion and diversity: click here