DevSecOps Engineer

Rockwell Automation is a global technology leader focused on helping the world's manufacturers be more productive, sustainable, and agile. With more than 28,000 employees who make the world better every day, we know we have something special. Behind our customers - amazing companies that help feed the world, provide life-saving medicine on a global scale, and focus on clean water and green mobility - our people are energized problem solvers that take pride in how the work we do changes the world for the better.

We welcome all makers, forward thinkers, and problem solvers who are looking for a place to do their best work. And if that's you we would love to have you join us!

Job Description

The DevSecOps Engineer is part of the Rockwell Automation Office of Product Safety and Security (OPSS). In this role you will be working with a dedicated team to lead the organization in establishing a world class security development ecosystem. The ideal candidate will be highly collaborative, partnering with multi-discipline teams to establish and drive security processes and practices throughout the enterprise. As you identify threats and opportunities, you will define appropriate risk reduction and mitigation strategies. You'll work cross-functionally to implement the security controls and strategies you define.

Essential Functions:

• Partner with leadership and engineering practitioners to develop a comprehensive, agile, and innovative DevSecOps program that supports all phases of the product development lifecycle.
• Lead the Rockwell Automation Open-Source Committee to expand and evolve defined policies, processes, and practices for package evaluation and utilization.
• Define policies to drive automated security compliance and controls within CI/CD pipelines.
• Support tool evaluations to enable increased security maturity across the enterprise.
• Establish Objectives and Key Results (OKRs) to drive visibility of security risks throughout the development lifecycle.
• Monitor and assess the effectiveness of security controls and identify opportunities for continuous improvement.
• Collaborate with the extended OPSS team to ensure the appropriate security requirements are embedded in the correct phases of development.
• Design enterprise processes and best practices.
• Research and explore new avenues to overcome obstacles by utilizing the latest technologies and cybersecurity standards.
• Excellent written and verbal communication skills to translate security objectives to cross-functional stakeholders.

Basic Qualifications:

• Bachelor's degree in technical discipline
• Legal authorization to work in the US is required. We will not sponsor individuals for employment visas, now or in the future, for this job opening.

Preferred Qualifications:

• Typically requires a minimum of 5 years of experience
• Typically requires a minimum of 2 years' experience in product development.
• Typically requires a minimum of 1 year experience in security practices.
• Experience with DevOps processes, CI/CD pipelines, and related tools
• Understanding of DevSecOps tools to automation strategies (e.g., Azure DevOps, Jenkins, GitHub, Black Duck, SBOM, etc.)
• Experience with cybersecurity and product development standards / practices, such as IEC 62443, NIST SSDF, DSOMM, BSIMM, and CMMI.
• Security certifications (e.g., CISSP, CSSLP) from qualified organizations such as (ISC)2.
• This position is part of a job family. Experience will be the determining factor.

#LI-MG1

#LI-REMOTE

We are an Equal Opportunity Employer including disability and veterans.

If you are an individual with a disability and you need assistance or a reasonable accommodation during the application process, please contact our services team at +1 (844) 404-7247.