Platform Security Architect - Industry Solutions

Rockwell Automation is a global technology leader focused on helping the world’s manufacturers be more productive, sustainable, and agile. With more than 28,000 employees who make the world better every day, we know we have something special. Behind our customers - amazing companies that help feed the world, provide life-saving medicine on a global scale, and focus on clean water and green mobility - our people are energized problem solvers that take pride in how the work we do changes the world for the better.

We welcome all makers, forward thinkers, and problem solvers who are looking for a place to do their best work. And if that’s you we would love to have you join us!

Job Description

Summary:

A Platform Security Architect will help set the strategy and technical direction applied to ensuring that our data and applications, and customers intellectual property remain secure. You will work within our System Architecture team to ensure that all software platforms and services conform to disciplined, industry best practices for information security. Deep and wide background in information security being applied across diverse technologies spanning from Edge to Cloud.

The Platform Security Architect will lead the development of security related platform deliverables including assessment, platform development and, implementation oversight efforts. The Platform Security Architect will also help develop the data platform to insure it maintains relevancy with requirements and industry changes.

• Manage platform security across lifecycle strategy, design, implementation and operations
• Lead and jointly deliver security evaluation reports on cloud providers (Azure, AWS, GCP), cloud native platforms (PCF, Docker, Kubernetes,), and Software as a Service solutions
• Establish security requirements for cloud-based solutions data platform by evaluating business strategies and requirements, researching cloud infrastructure security standards such as SOC2, ISO 27000 series, NIST CSF, and CSA
• Provide domain expertise in both public and private cloud and enterprise technology
• Identify and deliver appropriate controls based on industry standards (e.g. CCM) to lead cloud and data platform security solutions framework based on our risk and cloud native threats
• Evaluate new threats in the cloud, to identify the impact on IT and Business to develop and implement security controls
• Provide recommendations for improvement and risk reduction by assessing the data platform cloud security posture to oversee the vulnerability improvements
• You will collaborate with and influencing multiple teams, and technical leadership of a large development team or leading technical aspects of a multi-team project.
• Work directly with Agile teams to allow successful project implementation applying the recommended security tools and techniques
• Willing to research and explore new avenues to by using the latest technologies and standards.  May function as a go-to person for a technology, software methodology, or other area of expertise.
• Take the lead on identifying and recommending software development capability improvements in software development practices and development tools

• Bachelor’s degree in Computer Science, Engineering, Mathematics, related field; or equivalent combination of education/professional experience in a similar role
• 15 or more Years of experience
• 5+ years of full-time dedicated experience leading Cloud Security-focused roles on delivering security on cloud native, distributed architectural solutions
• 3+ years of experience in defining security standards and reference architectures used to guide technical resources in secure system implementation for enterprise cloud systems and use of public cloud.
• You will report to Sr. Engineering Manager

• Knowledge of main differences between most popular cloud provider solutions and cloud orchestration tools (e.g. Azure, AWS, GCP, Important Cloud Foundry, BOSH, Kubernetes, Docker,)
• Domain expertise of cloud infrastructure compute, network and storage and the cloud control plane
• Knowledge of virtualization, containers, service-mesh and enterprise service business
• Experience with structured Enterprise Architecture practices, hybrid cloud deployments, and on premise-to-cloud migration deployments
• Identify and lead remediation of public and hybrid cloud risks
• Experience designing security for cloud native, distributed computing and architectural solutions with a principle of “Design for Security”
• Expertise in performing Threat Modelling, generating security architectural requirements to software development and product teams
• Expert-level experience with encryption technologies and techniques, threat modeling and user control policies
• Understanding of Industry trends in cloud technologies for public, private and hybrid cloud deployments
• Experience building security architectures for applications deployed on or with the following technologies: MFC, Java, .Net, Linux, Microsoft Windows, Web and Cloud technologies with focus on SaaS Multi-tenant environment.
• One or more technical below security certifications:CCSP – Certified Cloud Security ProfessionalCISSP – Certified Information Systems Security ProfessionalCSSLP – Certified Secure Software Lifecycle ProfessionalCISM – Certified Information Security ManagerCSEC – SANS CIAC Security Essentials
• Experience with Agile methodologies, like SAFe, DevSecOps
• Experience with Industrial Automation platforms/services is considered
• Experience in communicating with users, other technical teams, and management to collect requirements, describe software product features, and technical designs.

Our benefits package includes …

• Comprehensive mindfulness programs with a premium membership to Calm
• Volunteer Paid Time off available after 6 months of employment for eligible employees
• Company volunteer and donation matching program – Your volunteer hours or personal cash donations to an eligible charity can be matched with a charitable donation. 
• Employee Assistance Program 
• Personalized wellbeing programs through our OnTrack program 
• On-demand digital course library for professional development

At Rockwell Automation we are dedicated to building a diverse, inclusive and authentic workplace, so if you're excited about this role but your experience doesn't align perfectly with every qualification in the job description, we encourage you to apply anyway. You may be just the right person for this or other roles.

#LI-Hybrid or #LI-db2

Rockwell Automation’s hybrid policy aligns that employees are expected to work at a Rockwell location at least Mondays, Tuesdays, and Thursdays unless they have a business obligation out of the office.