Location: San Jose - California
Location: Medellin, Antioquia, Colombia
We are seeking an experienced Senior Software Architect with a strong technical security background that can be applied to the development of cloud and industrial IoT applications. This candidate would be part of a cross-organization architecture team responsible for driving the software architectural vision and strategy for the company. The security software architect will provide architectural guidance and enablement across Rockwell Automation's software product and platform portfolio.
The ideal candidate is a highly organized, results-driven team player with excellent communication skills. We are looking for a proven track record in designing, configuring and implementing secure enterprise and industrial software solutions and security processes that span the design, operate and maintain phases of industrial automation.
The candidate will be expected to acquire or possess a deep technical understanding of the relevant products, technology stacks and challenges that especially bridge IT and OT networks. The candidate will need to collaborate and communicate effectively with other professionals, strategic partners and with customers in a thought-leading capacity. The individual should possess the business acumen to outline and communicate practical long- and near-term security strategies.
- Serve as the cross-product architect for the software & cloud security domain in areas such as SDLC, Risk Modeling, Cloud Security architectures, Pen Testing, SOAR (Security Orchestration, Automation and Response)
- Develop and lead a cross-product Security Architecture working group.
- Serve as a key security-centric technical advocate and advisor on relevant M&A activities (including technical evaluations) and partner engagements
- Provide technical leadership and collaborate on key architectural decisions and design considerations with regards to secure software development and secure architectural/solution designs
- Participate in application and cloud/edge infrastructure projects to provide security-planning guidance and governance
- Coordinate with DevOps teams to advocate secure coding practices
- Work with relevant product managers, product architects, and business managers to champion and help deliver and assess security-related initiatives
- Serve as security liaison with corporate security IT teams
- Maintain deep knowledge of security threats and vulnerabilities across the product portfolio and help drive remediation and resolution of potential high-profile/critical security vulnerabilities
- Mentor development teams globally (i.e. demonstrating good and secure coding practices and helping them architect code)
- Contribute to and promote good software engineering practices across the team.
- The base salary compensation range for this role in Colorado is $132,400 to $165,600 with an annual target bonus of 8% of base salary.
- Bachelor's Degree
- Legal authorization to work in the US is required. We will not sponsor individuals for employment visas, now or in the future, for this job opening
- 4+ years' experience in secure product/project engineering
- 3+ years in a hands-on Solution Architect/Software Architect/Technical Lead role
- Understanding of software security architecture and design, SDLC and best practices in application security
- Experience with security compliance process implementation and/or governance (e.g. SOC 2, ISO 27001)
- Experienced with Application Security Testing Tools and Techniques such as Vulnerability Databases (NVD, CVE, CWE), Software Composition Analysis (SCA), Software Bill of Materials (SBOM), Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Integration of Security tools in CI/CD environments, Application Threat Modelling
- Experienced with Web Single Sign-on (SSO), specifically on Authentication Protocols, Authentication (authn) Methods, Federation Protocols, SSO Solutions (KeyCloak, PingFederate, Okta, ADFS) and Authorization (authz) Methods, Policy Management (OPA)
- Experienced with Cryptographic Algorithms and Methods
- Experienced with Identity Management (IdM) such as Active Directory, ADFS, Kerberos, LDAP
- Experience with Microsoft Azure and related analytics and infrastructure services
- Experience with industrial automation/OT communications protocols such as CIP and OPC-UA and their security implications.
- Deep understanding of Internet Protocols and Security Implications
- Familiarity with Cloud Infrastructure and Security Implications for Virtual Machines, Serverless Designs, Container technology (Docker/Kubernetes), Orchestration, Software Defined Networks
- Familiarity with cyber security practices like Red Team/Blue Team and related Incident Management
- Familiarity with Internet of Things Edge Hardware platforms, especially design for cloud connectivity
- Familiarity with methods for securely storing secrets such as Credential vaults, Database encryption and Keystores
- Excellent problem-solving skills and ability to break down complexity.
- Ability to see multiple solutions to problems and choose the most appropriate one for the situation
- Excellent written and oral communication skills with the ability and patience to explain complex security concepts to non-technical audiences
- Excellent team player
We are an Equal Opportunity Employer including disability and veterans.
If you are an individual with a disability and you need assistance or a reasonable accommodation during the application process, please contact our services team at +1 (see application details).