Product Security Manager, Governance and Compliance
Type: Full Time
Internal Number: R21-10710
We bring together the imaginations of people with the potential of technology to expand what is humanly possible, making the world more intelligent, more connected and more productive. Our mission is to improve the quality of life by making the world more productive and sustainable.
We are committed to enabling the next generation of smart manufacturing. With the right strategy, talented people, and our substantial financial strength, we are dedicated to delivering value to our customers. We are living our larger purpose as a company. Whatever happens in the world around us, who we are and how we help our customers and our people never wavers. When you join us, you gain 23,500 global colleagues in more than 100 countries. We come from all walks of life, but share a single purpose: to help industrial companies and their people be more productive and sustainable.
Our technologies are used globally to deliver critical services, such as power and water, and to enable critical manufacturing. In this role, you will work with a high-performing team of like-minded individuals passionate about ensuring that our products are delivered with the highest levels of security. You will have the opportunity to work with a diverse array of technologies in software, IoT, cloud, and embedded systems. Join us in the Office of Product Safety and Security (OPSS) as we deliver safe, secure and resilient technologies to protect our global community and the critical services and goods they provide.
In this position, you will report to the Chief Product Security Officer and you will be responsible for developing the strategic vision, organization structure, operating policies and procedures, and management practices to ensure every product is developed securely. You will deliver business results by championing a culture of accountability and consistent application of our SDL (Security Development Lifecycle) practices. In addition, you will ensure organizational adherence to company standards, tools and guidelines and oversee audit and compliance efforts. The scope of this role is enterprise-wide, leading a corporate center of excellence across all product teams in Rockwell Automation and 3rd party suppliers.
As Product Security Manager on our team, you will:
Establish and implement a governance framework and associated processes for continual adherence to the Rockwell Automation Security Development Lifecycle (SDL).
Maintain a collaborative working relationship with business unit leaders and engineering teams and work to champion the SDL across the company.
Establish the direction for developing data-based decision making, including the development of operational metrics.
Ensure team adherence to company policies, standards, tools and guidelines to meet audit and compliance objectives.
Track performance against established metrics and develop reports for leadership, enabling management to hold employees accountable for meeting objectives.
Understand the breadth of worldwide cybersecurity laws and improvements to make to our SDL to comply with those laws. You and your team will be the experts on these standards within the company.
Provide thought leadership internally and externally.
Develop and manage a product security training curriculum to include product security awareness and technical training.
Bachelor's Degree in technical discipline
Legal authorization to work in the US is required. We will not sponsor individuals for employment visas, now or in the future, for this job opening.
A minimum of 7 years of experience in software and/or application development
A minimum of 3 years of experience managing corporate security programs and teams.
A minimum of 3 years of experience managing a Secure Software Development life cycle integrating security into all stages of development at a large development organization
Demonstrated technical expertise and understanding of modern development practices and languages
Understanding of DevSecOps, cloud platform development and operations
Demonstrated commitment to excellence with corresponding leadership abilities needed to direct and motivate a team to provide industry-leading security
Exceptional skills driving initiatives and programs in a large corporate environment
Experience building, developing and leading highly effective security teams
Experience with cybersecurity standards and practices around security development lifecycles such as IEC 62443, NIST SSDF, BSIMM, SOC 2
Security certifications (e.g. CISSP, CSSLP) from qualified organizations such as (ISC)2.
*This position is part of a job family. Experience will be the determining factor.
We are an Equal Opportunity Employer including disability and veterans.
If you are an individual with a disability and you need assistance or a reasonable accommodation during the application process, please contact our services team at +1 (844) 404-7247.
Rockwell Automation is the largest company in the world dedicated to industrial automation and information. Here, we connect the imaginations of people with the potential of technology to make the world more intelligent, more connected and more productive.
From improving the production of medicines that boost human health to reducing waste in an oil and gas plant, the work we do changes how we live. We truly believe we are doing things never before possible. And we need the brightest minds to help make that happen – the makers, the forward thinkers, the problem solvers.
Join a team of more than 23,000 global employees in 100+ countries as we work together to expand human possibility.