Rockwell Automation is a global technology leader focused on helping the world’s manufacturers be more productive, sustainable, and agile. With more than 28,000 employees who make the world better every day, we know we have something special. Behind our customers - amazing companies that help feed the world, provide life-saving medicine on a global scale, and focus on clean water and green mobility - our people are energized problem solvers that take pride in how the work we do changes the world for the better.
We welcome all makers, forward thinkers, and problem solvers who are looking for a place to do their best work. And if that’s you we would love to have you join us!
Job Description
POSITION SUMMARY
Rockwell Automation is a global technology leader focused on helping the world’s manufacturers be more productive, sustainable, and agile. With more than 28,000 employees who make the world better every day, we know we have something special. Behind our customers - amazing companies that help feed the world, provide life-saving medicine on a global scale, and focus on clean water and green mobility - our people are energized problem solvers that take pride in how the work we do changes the world for the better.
We welcome all makers, forward thinkers, and problem solvers who are looking for a place to do their best work. And if that’s you we would love to have you join us!
You will be reporting to the Capabilities & Innovation Contract Engineering Manager and will be professional guided by the Contract Engineering GRC and Security Lead who is accountable to implement and lead the cybersecurity program across the Capabilities & Innovation and to ensure compliance to cybersecurity standards, as applicable, such as DwS (Deliver-with-Security), IEC 62443, ISO 27001, NIS2 and other security standards as they evolve and are announced going forward. (Note: This position is related to cybersecurity only. For ease of reading below we use the term “security” in some cases instead).
Key Responsibilities:
· Lead the rollout, training and execution of security programs within their business in coordination with Contract Engineering GRC and Security Lead and the Office of Product Safety and Security (OPSS) to understand the requirements and ensure the business remains in compliance.
· Lead security vulnerability and risk assessments on business offerings and delivery processes, and issue investigations, guide risk mitigations efforts and participate in appropriate incident response activities.
· Lead the response and actions to mitigate identified security risks impacting the business, which may originate from multiple sources including our teams, vendors, customers, and partners.
· Prioritize and execute key security programs to drive continuous improvement in the of security for the business and its offerings, in alignment with the LCS Cyber Security Coordinator.
· Ensure & Innovation management to ensure leadership awareness of the compliance status, risks, mitigation plans, etc. This includes driving resource and other investment needs to support compliance to all security program requirements.
· Act as main contact for the business in responding to customer and customers' auditors security-related inquiries and ensure high quality responses to customers, demonstrating Rockwell Automation’s expertise.
· Create business specific training on security requirements (regulations and standards) and ensure training is cascaded to all impacted personnel in the business. Update business procedures, to support implementation & tracking of requirements.
· Lead development of engineering standards, best practices, and implementation guidance of security program requirements with support of business Cyber Security Subject Matter Experts (SMEs), as required, to lead consistency and efficiency of execution for delivering offerings.
· Act as Cyber Security function in the services offering development process - review requirements and related delivery processes of new offerings for adherence to applicable security standards, lead risk assessments and sign-off as member of the governance team.
· Act as the key contact for security related inquiries (from customer or internal sources) within their business.
· Assess exception requests from delivery teams, perform risk assessments and provide recommendations to leadership on how to proceed.
· Support alignment between security-related processes and best practices across the different LCS business groups, promoting consistency and synergies.
· Be part of an internal cyber security audit team to comply with the internal and external standards.
· Build standardized metrics to measure compliance of business group to security program requirements in alignment with the Office of Product Safety and Security (OPSS).
· Collaborate with the Office of Product Safety and Security (OPSS) and other security stakeholders on security requirements for the business on regular basis, to understand the requirements and ensure the business remains in compliance.
Key Stakeholder Relationships:
Global LCS Quality & Compliance ManagerLCS Cyber Security CoordinatorOffice of Product Safety and Security (OPSS)LCS business leadersRequired Qualifications & Experience
Bachelor’s degree in Computer Engineering, Software Engineering, Electrical Engineering, or similar Engineering Technology degree.Legal authorization to work in the country of employment.Travel requirements, as defined by the business/department.8+ years general expereince. 5+ years of experience leading Cyber Security compliance within a global and matrixed business environment, balancing compliance to security standards with business objectives.Preferred Qualifications & Experience
Knowledge of IEC 62443, ISO 27000, NIS2 and other security standards.· Experience with Rockwell Automation business system and service offerings.
· Experience using the Rockwell Automation Solution Lifecycle (RASL) processes for system architecture delivery.
· Experience using and implementing security requirements from the Delivery with Security (DwS) program.
· Experience evaluating software tools for test automation, system configuration, user account management, virtual machine management and patch management.
· Knowledge of industrial controls systems and their communications interfaces and protocols such as Ethernet/IP
· Experience in partnering across discipline, team, business, and organizational boundaries to resolve technical security challenges.
· Experience providing professional guidance to delivery teams and to management in all security matters.
What We Offer:
Our benefits package includes …
· Comprehensive mindfulness programs with a premium membership to Calm
· Volunteer Paid Time off available after 6 months of employment for eligible employees.
· Company volunteer and donation matching program – Your volunteer hours or personal cash donations to an eligible charity can be matched with a charitable donation.
· Employee Assistance Program
· Personalized wellbeing programs through our OnTrack program
· On-demand digital course library for professional development... and other local benefits!
We believe that employee diversity is an important element of our common future. We provide opportunities for talent growth with the entire organization. We support equality by celebrating the individuality of every person, regardless of their origin and identity. We appreciate the unique cultural pattern and variety of experiences in each of us. We invite all who want to join and change the world of our organization.
#LI-EV1
#LI-Hybrid
Rockwell Automation’s hybrid policy aligns that employees are expected to work at a Rockwell location at least Mondays, Tuesdays, and Thursdays unless they have a business obligation out of the office.