Unfortunately, this job posting is expired.
Don't worry, we can still help! Below, please find related information to help you with your job search.
Don't worry, we can still help! Below, please find related information to help you with your job search.
Related keywords
- Product Security Testing Software Engineer
- Product Engineer
- Lead Product Security Engineer
- Senior Product Security Engineer
- Associate Product Security Engineer
- Experienced Product Security Engineer
- Entry Level Product Security Engineer
- Staff Product Security Software Engineer
- Product Security Engineer
- Chief Product Security Engineer
Some similar recruitments
Product Manager (Entry Level) - Us/Canada
Recruited by Pattern Learning AI - Career & Tech Recruitment Reimagined! 8 months ago
Address Georgia, United States
Product Engineer - Complete Seat
Recruited by Lear Corporation 1 year ago
Address McCalla, AL, United States
Product Security Engineer Jobs
Company | Rockwell Automation |
Address | Huntsville, AL, United States |
Employment type | FULL_TIME |
Salary | |
Category | Automation Machinery Manufacturing,Software Development |
Expires | 2023-07-11 |
Posted at | 11 months ago |
Rockwell Automation is a global technology leader focused on helping the world’s manufacturers be more productive, sustainable, and agile. With more than 25,000 employees who make the world better every day, we know we have something special. Behind our customers - amazing companies that help feed the world, provide life-saving medicine on a global scale, and focus on clean water and green mobility - our people are energized problem solvers that take pride in how the work we do changes the world for the better.
- Coordinate with Firmware Engineering teams on security requirements within products influencing aspects such as component selection relating to secure boot and roots of trust designs.
- Collaborate with System Architects across product teams to continually improve our security design, development, and deployment processes.
- Collaborate with our Product Engineering and Marketing teams on technical security concepts for products.
- Be part of an internal cybersecurity audit team to comply with the internal and external standards.
- Support Architect, lead security designs and develop, and maintain security features within firmware / software in Industrial Component products
- Coordinate internal & external security specifications compliance within product portfolio.
- Legal authorization to work in the US is required. We will not sponsor individuals for employment visas, now or in the future, for this job opening.
- Bachelor's degree
- Travel up to 10%
- Basic understanding of Assembly Language, Program Counters, and Stack Pointers
- Know common protocols like SPE, Ethernet/IP, I2C, SPI, IPC, Modbus, CAN bus, 485, and LVDS.
- - CERT Process
- Partner across discipline, team, business, and organizational boundaries to resolve technical cyber security challenges Knowledge of secure coding & testing practices
- - Agile Ci/CD program management tools like Jira
- Performing Risk based analysis from CVSS Scores and CVEs for various product CPEs.
- Experience with Security Firmware Design, V-model practices or similar.
- Is familiar with evaluating security threats in Embedded Devices.
- - Pen Testing Processes
- Experience with
- Analyzing results from Binary Analysis tools (Jfrog/Xray/vdoo) or (Black Duck BA ) to derive
- Knowledge of IEC 62443.
- - Software Bill of Materials (SBOM)
- Delighted to break things in order to uncover security vulnerabilities
- - Vulnerability Assessments
- Knowledge of Industrial Components, energy metering, power control, industrial protocols, and Rockwell Automation PLC's
- Typically requires a minimum of 8 years of Embedded Product development teams responsible for delivering production quality firmware, applications, device drivers and/or embedded OS
- Experience with CAN, CAN Analyzers, CIP protocol, CAN-Open protocol, serial break out boxes and RS485
- Performing Risk based analysis from CVSS Impact & Exploitability Scores from CVEs for various product CPEs.
- - License Tracking
- Comfortable using network protocol analyzers, logic analyzers, hardware debuggers, and source-level debuggers to troubleshoot problems at all layers of the stack.
- - Find CVEs from the SBOMs and derive risk heat maps
- Experience with Trusted Platform Modules (TPM), Secure Boot, and cryptography fundamentals.
- - Requirements tracking tools ( i.e. Jama or Jazz/Doors)
- Eager to hook up a logic analyzer, In-Circuit-Emulators to investigate issues with the boot chain.
- Analyzing Threat Models from technical Requirements and Security Requirements (i.e. 62443, 800-53, & 800-82) Derive Threats from CAPECs or other sources
- - Able to explain complex Cyber Risks and technical issues to a non-technical Audience.
- Knowledge of web technologies databases, high-level languages (Ruby, JavaScript), frameworks (Rails, React), and architectural patterns.
- - Able to explain to technical peers why/how to find a technical solution
- Experience with writing C/C++ for Embedded OS (i.e. Green Hills, VxWorks, QNX, embedded Linux) as well as windows and finite state machines.
- Experience working in a cross-functional team with both technical and nontechnical team mates.
- - Analyzing Risk from DAST Tools to find vulnerabilities in a running application using results to analyze alerts and vulnerabilities.
- Experienced with Communication protocols, such as IO Link, Ethernet/IP and wireless (Bluetooth)
- Bachelor's degree in Computer Engineering, Computer Science, or Electrical Engineering with a Software, Firmware, and Circuits background.
- - Disposition Threats vectors to test, remediate, fix, accept, transfer, or NA
- Experienced with simple peripherals such as A/D, D/A
- Test tools like Qtest or QC-ALM Verification/Validation -
- CISSP or CEH (Master) with CSSLP
- This position is part of a job family. Experience will be the determining factor.
- Experience in embedded systems development concepts, including cross-platform development and build tools, bootloaders, kernel configuration and device drivers
- Has experience reading schematics and data sheets.
- Experience debugging and compiling device drivers.
- - Secure Development Life Cycle (NIST 800-218)
-
Systems Analyst - Excel, Xml, Sql, Scripting
By CyberCoders At Salt Lake City, UT, United States 7 months ago
-
(Senior) Finance & Shared Services Manager
By Catholics For Choice At Washington, DC, United States 7 months ago
-
Paralegal - Probate Administration
By CyberCoders At Miami, FL, United States 7 months ago
-
Account Executive - Automotive Software
By ECW Search At United States 7 months ago
-
Construction Project Coordinator Jobs
By CyberCoders At River Falls, WI, United States 7 months ago