Product Security Engineer Jobs

Rockwell Automation is a global technology leader focused on helping the world’s manufacturers be more productive, sustainable, and agile. With more than 25,000 employees who make the world better every day, we know we have something special. Behind our customers - amazing companies that help feed the world, provide life-saving medicine on a global scale, and focus on clean water and green mobility - our people are energized problem solvers that take pride in how the work we do changes the world for the better.

We welcome all makers, forward thinkers, and problem solvers who are looking for a place to do their best work. And if that’s you we would love to have you join us!

POSITION SUMMARY

Reporting to the Product Security Leader for a large highly visible business unit, you are on the forefront of a new wave of technology within IIoT (Industrial Automation (IA) / Operational Technology (OT)). Cyber Security for End Products in the Embedded Devices is the main focus of our experienced Advanced Engineering Organization with the accountability to Infuse Product Security technology within important industrial products used globally.

YOUR WORK!

Primary Responsibilities

• Coordinate with Firmware Engineering teams on security requirements within products influencing aspects such as component selection relating to secure boot and roots of trust designs.
• Collaborate with System Architects across product teams to continually improve our security design, development, and deployment processes.
• Collaborate with our Product Engineering and Marketing teams on technical security concepts for products.
• Be part of an internal cybersecurity audit team to comply with the internal and external standards.
• Support Architect, lead security designs and develop, and maintain security features within firmware / software in Industrial Component products
• Coordinate internal & external security specifications compliance within product portfolio.

Basic Qualifications

• Legal authorization to work in the US is required. We will not sponsor individuals for employment visas, now or in the future, for this job opening.
• Bachelor's degree
• Travel up to 10%

Preferred Qualifications

• Basic understanding of Assembly Language, Program Counters, and Stack Pointers
• Know common protocols like SPE, Ethernet/IP, I2C, SPI, IPC, Modbus, CAN bus, 485, and LVDS.
• - CERT Process
• Partner across discipline, team, business, and organizational boundaries to resolve technical cyber security challenges Knowledge of secure coding & testing practices
• - Agile Ci/CD program management tools like Jira
• Performing Risk based analysis from CVSS Scores and CVEs for various product CPEs.
• Experience with Security Firmware Design, V-model practices or similar.
• Is familiar with evaluating security threats in Embedded Devices.
• - Pen Testing Processes
• Experience with
• Analyzing results from Binary Analysis tools (Jfrog/Xray/vdoo) or (Black Duck BA ) to derive
• Knowledge of IEC 62443.
• - Software Bill of Materials (SBOM)
• Delighted to break things in order to uncover security vulnerabilities
• - Vulnerability Assessments
• Knowledge of Industrial Components, energy metering, power control, industrial protocols, and Rockwell Automation PLC's
• Typically requires a minimum of 8 years of Embedded Product development teams responsible for delivering production quality firmware, applications, device drivers and/or embedded OS
• Experience with CAN, CAN Analyzers, CIP protocol, CAN-Open protocol, serial break out boxes and RS485
• Performing Risk based analysis from CVSS Impact & Exploitability Scores from CVEs for various product CPEs.
• - License Tracking
• Comfortable using network protocol analyzers, logic analyzers, hardware debuggers, and source-level debuggers to troubleshoot problems at all layers of the stack.
• - Find CVEs from the SBOMs and derive risk heat maps
• Experience with Trusted Platform Modules (TPM), Secure Boot, and cryptography fundamentals.
• - Requirements tracking tools ( i.e. Jama or Jazz/Doors)
• Eager to hook up a logic analyzer, In-Circuit-Emulators to investigate issues with the boot chain.
• Analyzing Threat Models from technical Requirements and Security Requirements (i.e. 62443, 800-53, & 800-82) Derive Threats from CAPECs or other sources
• - Able to explain complex Cyber Risks and technical issues to a non-technical Audience.
• Knowledge of web technologies databases, high-level languages (Ruby, JavaScript), frameworks (Rails, React), and architectural patterns.
• - Able to explain to technical peers why/how to find a technical solution
• Experience with writing C/C++ for Embedded OS (i.e. Green Hills, VxWorks, QNX, embedded Linux) as well as windows and finite state machines.
• Experience working in a cross-functional team with both technical and nontechnical team mates.
• - Analyzing Risk from DAST Tools to find vulnerabilities in a running application using results to analyze alerts and vulnerabilities.
• Experienced with Communication protocols, such as IO Link, Ethernet/IP and wireless (Bluetooth)
• Bachelor's degree in Computer Engineering, Computer Science, or Electrical Engineering with a Software, Firmware, and Circuits background.
• - Disposition Threats vectors to test, remediate, fix, accept, transfer, or NA
• Experienced with simple peripherals such as A/D, D/A
• Test tools like Qtest or QC-ALM Verification/Validation -
• CISSP or CEH (Master) with CSSLP
• This position is part of a job family. Experience will be the determining factor.
• Experience in embedded systems development concepts, including cross-platform development and build tools, bootloaders, kernel configuration and device drivers
• Has experience reading schematics and data sheets.
• Experience debugging and compiling device drivers.
• - Secure Development Life Cycle (NIST 800-218)

We are an Equal Opportunity Employer including disability and veterans.

If you are an individual with a disability and you need assistance or a reasonable accommodation during the application process, please contact our services team at +1 (844) 404-7247.