Cybersecurity Senior Consultant responsible for evaluating cybersecurity and resilience capabilities. Collaborating with clients to enhance security posture and compliance through assessments and advisory engagements.
About the role
- Product Security Engineer enhancing security frameworks and providing product security expertise at Rockwell Automation. Collaborating with teams on software, AI, cloud, and embedded systems to mitigate cyber risks.
Responsibilities
- Contribute to the refinement and rollout of security frameworks and policies.
- Participate in organization wide cybersecurity activities, including risk assessments, roadmap development, and stakeholder engagement.
- Partner with technical security thought leaders (e.g., benchmarking, conferences), to evolve the SDL strategy and direction.
- Represent the central security office function with external certifying bodies.
- Participate in security architecture and design review meetings.
- Review product architectures for security design gaps and vulnerabilities and consult with product teams to mitigate cyber risk.
- Develop and maintain solutions to automate security governance processes and workflows.
- Collaborate with DevSecOps and architecture teams to integrate automation into existing platforms and CI/CD pipelines.
- Maintain knowledge of security threats and vulnerabilities for OT environment.
- Provide product security related mentoring and security expertise.
- Participate in standards and research opportunities outside of RA.
Requirements
- Bachelor's Degree
- Legal authorization to work in the US or Canada is required.
- Typically requires 5+ years of experience in relevant product security areas.
- Degree in Computer Engineering, Computer Science, Electrical Engineering, or similar discipline.
- Experience in Operational Technology cybersecurity
- Experience in one of security domains: Secure SW Engineering, HW Security, Embedded Security, and other related fields.
- Experience developing software, automated tests and tools in high-level languages like Python, with or without AI Augmentation.
- Good understanding in disciplines such as Trusted platform module, Secure Boot, different cryptography technologies, web application security, network security, operating system internals and hardening.
- Advanced knowledge in at least two or three of these areas.
- Experience working with development teams to review design, construct threat models and secure coding practices.
- Understanding of security by design principles and architecture level security concepts
- Experience with CI/CD environments, SAST and DAST tools
- Experience of industrial protocols, especially Common Industrial Protocol (CIP)
- Industrial cybersecurity and/or information technology certifications such as 62443 CyberSecurity specialist, (ISC)² CISSP, or SANS GICSP - or you are ready to obtain it shortly.
- Ability to travel, including internationally, up to 20% of time.
Benefits
- Health Insurance including Medical, Dental and Vision
- 401k
- Paid Time off
- Parental and Caregiver Leave
- Flexible Work Schedule where you will work with your manager to enjoy a work schedule that can be flexible with your personal life.
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Security Architect leading security strategy development and implementation for Kyndryl. Conducting performance testing and ensuring compliance with security guidelines and audits.
Junior Consultant working on Cyber Security standards and customer advisory at MKS4U IT - Beratungs GmbH. Engaging in security assessments and developing long - term security strategies.
IT - Security Consultant at Institut für Datenschutz und Datensicherheit guiding IT compliance and security strategies. Engage with clients to enhance IT security practices across Germany.
Business Development Representative creating and managing lead generation pipelines for cybersecurity solutions. Engaging with enterprise clients in Switzerland and Germany in a hybrid work model.
Information Security Officer responsible for developing and implementing security strategies at an IT service provider for the food and beverage industry. Engaging with teams and management on cyber risks and compliance.
Information Security Manager leading CISOaaS or GRC consultants for NVISO in Germany. Enhancing clients’ cybersecurity posture and driving strategic security initiatives.
Técnico de Segurança do Trabalho JR assisting with safety documentation and training for field activities at Arcadis. Focused on sustainable solutions in engineering and consulting.
Compliance Specialist managing documentation and policies for Orro's Information Security Management System. Supporting essential compliance activities across ISO 27001 and IRAP with strong attention to detail.
Infra Security Engineer focusing on endpoint security solutions in South Korea's urban mobility services. Collaborating on security architecture and threat detection initiatives.