Rockwell Automation, the world's largest company dedicated to industrial automation and information. The ompany helps customers through leading technologies and a comprehensive portfolio of products, software and services. We are among 100 the most ethical companies globally.
Join our growing team in Product Security Office and take the opportunity to grow your security expertise with exposure to a large and diverse set of products and technologies from low cost embedded devices, complex robotics, enterprise applications to cloud based architectures. Rockwell Automation is helping customers bring the Connected Enterprise to life in critical infrastructure, services, and manufacturing around the world. The security of our products and solutions is essential to keeping customer operations running, information confidential, and the users of our systems safe.
This position is for a Staff Product Security Engineer. You will be recognized as a security expert and consultant across the company. The ideal candidate will be a collaborative team member, have a high level of integrity, the ability to identify creative solutions to complex problems and most importantly a passion for security. This position is fast paced and team members are expected to be quick learners, comfortable reviewing and assessing the work of others and providing coaching and consulting to peers.You will be a key player in a team of security and product development engineers leading activities related to architecture, design, and the development of products, technologies and standards.
- Consult, review and audit the proper application of security principles and techniques with product groups across Rockwell Automation
- Research current security trends in Industrial Control Systems, embedded systems, hardware design, cloud-to-edge, and application security and collaborate with security experts to ensure proper security requirements are put in place.
- Be a security thought leader within Rockwell Automation through educating internal personnel and influencing proper security development techniques and tools
- Provide guidance to senior levels of management regarding product security risk and exposure
Minimum Qualifications
- Bachelor’s degree in Electrical Engineering, Computer Engineering, Computer Science or equivalent
- 5+ years of application and/or software development experience in a professional setting, or an equivalent graduate degree
- 2+ years of experience in demonstrating Security Development Lifecycle concepts (ie./ secure code reviews, threat modeling, penetration testing, etc)
- Demonstrated knowledge in the application of both software engineering and security principles, theories, concepts, and techniques
- Written and verbal skills in English
Desired Qualifications
- Basic knowledge of industrial control systems
- Excellent communication skills
- Understanding and experience implementing security standards such as the NIST Cybersecurity Framework and/or IEC 62443
- Security certification(s) such as CISSP, CEH, Applicable GIAC Certifications, OSCP, CySec Specialist (TÜV Rheinland), or similar
- Knowledge of communication protocols, preferably Ethernet and/or Common Industrial Protocol (CIP), and modern Intel and ARM architectures
- Advanced coursework and/or training related to secure software engineering, application security, cloud security, embedded systems, and/or securing operating systems