Product Security Lead

Rockwell Automation is a global technology leader focused on helping the world’s manufacturers be more productive, sustainable, and agile. With more than 28,000 employees who make the world better every day, we know we have something special. Behind our customers - amazing companies that help feed the world, provide life-saving medicine on a global scale, and focus on clean water and green mobility - our people are energized problem solvers that take pride in how the work we do changes the world for the better.

We welcome all makers, forward thinkers, and problem solvers who are looking for a place to do their best work. And if that’s you we would love to have you join us!

Summary

As a Product Security Leader (PSL) for the Product Automation (PA), you are the central authority for the Business Unit for the products assigned to this individual. You will be responsible for coordinating PA product security efforts across Rockwell Automation and within PA. This includes awareness of the state-of-the-art, industry standards, and security best practices. This further includes establishing standards, processes, and guidelines within PA to establish world-class security in our products and institutionalizing them within our practices. You will report to Director, Logix Architecture. You will be working with the team spread across multiple geographies. You will work Hybrid at Singapore.

Your Responsibilities

• Be a security thought leader within Rockwell Automation through educating internal personnel and influencing proper security development techniques and tools.
• Provide guidance to senior levels of management regarding product security risk and exposure.
• Drive the process for managing vulnerabilities and their resolution. Provide periodic metrics demonstrating our vulnerability posture.
• Drive the proper application of security principles and techniques with product groups.
• Research current security trends in Industrial Control Systems, software, embedded systems, hardware design, cloud-to-edge, and application security and collaborate with security experts to ensure proper security requirements are put in place.
• Participate and provide critical analysis in security exception reviews and then advocate/review those exceptions with senior management.
• Interact with Digital Trust on security initiatives that the product groups need to participate in.
• Represents the business unit for customer presentations and meetings with regards to security.
• Position requires an understanding of security in the IT and automation markets, competitive offerings, and customer needs to provide direction and implementation in Rockwell Automation control system products and services.
• Demonstrated leadership capabilities, creativity and strategic development, and a proven ability to drive results.
• Strong communication skills and an ability to work within a global remote team environment also critical to achieve the business objectives.
• Security roadmap with portfolio managers.

The Essentials - You Will Have

• Bachelor's degree in Computer Science, IT Engineering, Electrical Engineering, or equivalent.
• 9 or more years of experience.
• Typically requires 8+ years of related experience.

• Legal authorization to work in the Singapore is required. We will not sponsor individuals for employment visas, now or in the future, for this job opening.
• 2+ years of experience in demonstrating Security Development Lifecycle concepts (i.e., secure code reviews, threat modeling, and penetration testing).

The Preferred - You Might Also Have

• 5+ years of application and/or software/firmware development experience in a professional setting
• 2+ years of experience in demonstrating Security Development Lifecycle concepts (i.e., secure code reviews, threat modeling, and penetration testing)
• Written and verbal skills in English
• Basic knowledge of industrial control systems
• Demonstrated knowledge in the application of both software/embedded software engineering and security principles, theories, concepts, and techniques.
• Demonstrated knowledge in the application of both cloud-based software security principles.
• Demonstrated knowledge of hardware engineering security principles, theories, concepts, and techniques.
• Understanding and experience implementing security standards such as the NIST Cybersecurity Framework and/or IEC 62443
• Security certification(s) such as CISSP, CEH, Applicable GIAC Certifications, OSCP, CySec Specialist (TÜV Rheinland), or an advanced degree in cybersecurity.
• Knowledge of communication protocols Ethernet and/or Common Industrial Protocol (CIP), and modern microprocessor architectures.
• Advanced coursework and/or training related to secure software engineering, application security, cloud security, embedded systems, and/or securing operating systems.

What We Offer

Our benefits package includes …

• Comprehensive mindfulness programs with a premium membership to Calm
• Volunteer Paid Time off available after 6 months of employment for eligible employees.
• Company volunteer and donation matching program – Your volunteer hours or personal cash donations to an eligible charity can be matched with a charitable donation.
• Employee Assistance Program
• Personalized wellbeing programs through our OnTrack program
• On-demand digital course library for professional development

... and other local benefits!

At Rockwell Automation we are dedicated to building a diverse, inclusive and authentic workplace, so if you're excited about this role but your experience doesn't align perfectly with every qualification in the job description, we encourage you to apply anyway. You may be just the right person for this or other roles.

#LI-Hybrid

#LI-DB2

Rockwell Automation’s hybrid policy aligns that employees are expected to work at a Rockwell location at least Mondays, Tuesdays, and Thursdays unless they have a business obligation out of the office.