Platform Security Engineer

Rockwell Automation is a global technology leader focused on helping the world’s manufacturers be more productive, sustainable, and agile. With more than 28,000 employees who make the world better every day, we know we have something special. Behind our customers - amazing companies that help feed the world, provide life-saving medicine on a global scale, and focus on clean water and green mobility - our people are energized problem solvers that take pride in how the work we do changes the world for the better.

We welcome all makers, forward thinkers, and problem solvers who are looking for a place to do their best work. And if that’s you we would love to have you join us!

Job Description

Role - Platform security engineer

Reports to Manager

Position Summary:

We are seeking a experienced Staff Security Software Engineer to lead and strengthen our software security practices across the development lifecycle. You will design, implement, and maintain security measures to protect our software systems from threats. You will collaborate with software engineers, product teams, and security experts to embed security into the development process and ensure that our applications meet the highest standards of safety and compliance.

Responsibilities:

• Lead the design and development of security features and tools that protect our software products from security vulnerabilities and cyber threats.
• Develop proof-of-concept, conduct threat modelling, security design and code reviews, and vulnerability assessments to identify and mitigate potential risks to meet the security requirements of the product.
• Establish a timeline and estimate the resources needed to execute a design. Consider tradeoffs between requirements, speed, cost and vulnerability in the choice of a design approach. Provide progress reports, as needed.
• Collaborate with development teams to integrate security best practices into the software development lifecycle (SDLC).
• Develop and maintain automated security testing frameworks and tools to continuously monitor and enhance the security of our software.
• Implement secure coding practices and ensure adherence to security guidelines and standards.
• Lead incident response activities related to software vulnerabilities, security breaches, and other security incidents.
• Provide mentorship and technical leadership to engineering teams on security-related topics.
• Stay informed of emerging security threats, vulnerabilities, and the latest security technologies.
• Perform security audits, risk assessments, and relevant testing to ensure compliance with regulatory and security requirements.
• Create and maintain documentation for security practices, tools, and configurations.
• Think outside the box and be willing to research and explore new avenues to by utilizing the latest technologies and standards.
• Communicate and convey design concepts, both verbally and in writing.
• Understanding of Complex control system concepts.

Qualifications:

• Bachelor's degree in computer science, Computer Engineering, Cybersecurity, or equivalent
• 10+ Years of experience in a software product development with a focus on product security
• Strong knowledge of security principles, encryption algorithms, authentication methods, and secure coding practices.
• Proficiency in C/C++ or Kotlin/Java and knowledge of secure coding techniques
• Hands-on experience with security frameworks and tools such as OWASP, SAST, DAST, or similar
• Understanding of network security, authentication protocols (OAuth, SAML, etc.), and key management
• Strong problem-solving skills and attention to detail in identifying and addressing security risks
• 3 years of experience as technical lead in a medium-sized team

Other Qualifications:

• Experience with vulnerability scanning tools, penetration testing, and threat modelling
• Strong knowledge of RTOS (QNX) and interaction between RTOS and user applications, such as linking and loading
• Familiarity with security in cloud environments (AWS, Azure, Google Cloud) and modern technologies (microservices, containers, Kubernetes)
• Direct experience with the Industrial Automation industry will be an advantage
• Direct experience collaborating with local and global technical development teams
• Excellent interpersonal, verbal and written communication skills

Benefits:

• The ability to collaborate with, learn from colleagues in a complex, global organisation.
• We provide a working environment with a creative company, paired with a great compensation package, great benefits, and a supportive atmosphere where you can sharpen with new challenges and development opportunities.
• Hybrid work-from-home and at a determined Rockwell Automation facility.
• Corporate Social Responsibility opportunities,
• Support from our 24/7 employee assistance program.

Primary work location: Pune, India.

We are committed to equal employment opportunity regardless of race, colour, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender, gender identity or expression, or veteran status. We are proud to be an equal opportunity workplace.At Rockwell Automation we are dedicated to building a diverse, inclusive and authentic workplace, so if you're excited about this role but your experience doesn't align perfectly with every qualification in the job description, we encourage you to apply anyway. You may be just the right person for this or other roles.

#LI-Hybrid

#LI-NB1

Rockwell Automation’s hybrid policy aligns that employees are expected to work at a Rockwell location at least Mondays, Tuesdays, and Thursdays unless they have a business obligation out of the office.