Sr. Security Test Engineer - Vulnerability Testing

Rockwell Automation is a global technology leader focused on helping the world’s manufacturers be more productive, sustainable, and agile. With more than 28,000 employees who make the world better every day, we know we have something special. Behind our customers - amazing companies that help feed the world, provide life-saving medicine on a global scale, and focus on clean water and green mobility - our people are energized problem solvers that take pride in how the work we do changes the world for the better.

We welcome all makers, forward thinkers, and problem solvers who are looking for a place to do their best work. And if that’s you we would love to have you join us!

Job Description

Summary:

The Senior Security Test Engineer will lead many aspects of the analysis and implementation of penetration vulnerabilities with Rockwell Automation products. Projects include all phases of a product lifecycle: requirements gathering, software architecture, software design, implementation and maintenance. The deliverables from ongoing projects are sustainable automation infrastructure who can support numerous test areas.

You will be a member of a small to medium-sized team and will perform in a leadership role. You will collaborate with other teams.

You will be required to identify and implement new tools and frameworks to enhance penetration and vulnerability test coverage. Additionally, maintaining and enhancing existing penetration tools will be expected.

Your Responsibilities:

• Performs complex Penetration Test investigations, reporting on problems encountered and documenting results for follow-up.
• Architects Penetration Testing solutions at the project level.
• Demonstrate knowledge of software Security Test techniques.
• Participates in software/product design and implementation reviews.
• Leads in the development of Security Penetration Test strategies and frameworks.
• Develop Penetration Test procedures for multiple groups.
• Provides input into the design and implementation of product and system test set-ups as related to Security Test.
• Stay on top of the "vulnerability landscape" and be up-to-date on current attacks or potential attacks. Where applicable, evaluate the potential impact of publically-identified attacks on our product portfolio.
• Considered a Security expert within the department.
• Investigate penetration vulnerabilities and devise mitigation plans
• Lead the reviews of internal and external penetration test plans.
• Within the Security Test organization.
• The design and architecture of the product to meet the needs of Security Test.
• Command respect from within and outside the automation groups.
• By identifying needs, adjusting, and working with others to implement initiatives.
• Gain and maintain the support of stakeholders and decision makers required to achieve product quality goals.
• Leverages own expertise by sharing lessons learned, documenting processes, contributing to team de-briefs, etc.
• Follow procedures relating to standards of business conduct, ethics, and conflicts of interest and complete annual training in same.

The Essentials - You Will Have:

• Minimum of a Bachelor of Science in Computer Science, Computer Engineering or equivalent with concentration in software; or equivalent knowledge in software engineering (software requirements analysis, software design, software testing, software automation).
• Typically requires 4 years' experience in Security Test Automation, Software Testing, Software Development, Applications Engineering, Technical Support, or other Test Automation roles.
• Experience in penetration testing of web applications and APIs, with an understanding of OWASP Top 10, SSRF, authentication bypasses, and other common vulnerabilities.
• Perform penetration testing application in cloud environments ( Azure, AWS)
• Network and File Fuzzing of open protocols and formats.
• Experience developing test automation solutions.
• Experience with common software programming languages such as Python.

The Preferred - You Might Also Have:

• Experience with Rockwell Automation products or other industrial control equipment.

• Experience With Python.

• Web Application Penetration Test
• Thick client Penetration TesT

• Network Penetration Test

• Hardware Reverse Engineering.

• Certifications such as OSCP, WAPTX, CISSP, CEH, GICSP, GPEN, GXPN, and/or GWAPT.

What We Offer:

Our benefits package includes

• Comprehensive mindfulness programs with a premium membership to Calm
• Volunteer Paid Time off available after 6 months of employment for eligible employees
• Company volunteer and donation matching program – Your volunteer hours or personal cash donations to an eligible charity can be matched with a charitable donation.

• Employee Assistance Program

• Personalized wellbeing programs through our OnTrack program
• On-demand digital course library for professional development

... and other local benefits!

At Rockwell Automation we are dedicated to building a diverse, inclusive and authentic workplace, so if you're excited about this role but your experience doesn't align perfectly with every qualification in the job description, we encourage you to apply anyway. You may be just the right person for this or other roles.

#Li-Hybrid

#Li-Fr1

Rockwell Automation’s hybrid policy aligns that employees are expected to work at a Rockwell location at least Mondays, Tuesdays, and Thursdays unless they have a business obligation out of the office.