| Job Description The Product Security Leader (PSL) for the Power Control Business (PCB) is the central authority for product security for the Low Voltage Drives, Medium Voltage Drives and Motor Control Center business organizations. This position is responsible for coordinating PCB product security efforts across Rockwell Automation and within PCB. This includes awareness of the state-of-the-art, industry standards, and security best practices. This further includes establishing standards, processes, and guidelines within PCB to establish world-class security in PCB products and institutionalizing them within PCB practices. Essential Functions: - Work with the portfolio managers to maintain a security roadmap for all PCB products.
- Create the prioritized list of security projects for PCB and ensure their implementation by the SAFe teams.
- Review and approve the security plans for major projects.
- Consult, review, and audit the proper application of security principles and techniques with product groups across Rockwell Automation.
- Research current security trends in Industrial Control Systems, embedded systems, hardware design, cloud-to-edge, and application security and collaborate with security experts to ensure proper security requirements are put in place.
- Be a security thought leader within Rockwell Automation through educating internal personnel and influencing proper security development techniques and tools.
- Provide guidance to senior levels of management regarding product security risk and exposure.
Minimum Qualifications: - Bachelor's degree in Security, Electrical Engineering, Computer Engineering, Computer Science or equivalent
Preferred Qualifications: - 5+ years of application and/or software/firmware development experience in a professional setting
- 2+ years of experience in demonstrating Security Development Lifecycle concepts (i.e., secure code reviews, threat modeling, and penetration testing)
- Demonstrated knowledge in the application of both software engineering and security principles, theories, concepts, and techniques.
- Written and verbal skills in English
- Basic knowledge of industrial control systems
- Excellent communication skills
- Understanding and experience implementing security standards such as the NIST Cybersecurity Framework and/or IEC 62443
- Security certification(s) such as CISSP, CEH, Applicable GIAC Certifications, OSCP, CySec Specialist (TUV Rheinland), or an advanced degree in cybersecurity.
- Knowledge of communication protocols, preferably Ethernet and/or Common Industrial Protocol (CIP), and modern Intel and ARM architectures
- Advanced coursework and/or training related to secure software engineering, application security, cloud security, embedded systems, and/or securing operating systems.
We are an Equal Opportunity Employer including disability and veterans. If you are an individual with a disability and you need assistance or a reasonable accommodation during the application process, please contact our services team at +1 (844) 404-7427. |
