Engineer - OT CTD

Rockwell Automation is a global technology leader focused on helping the world’s manufacturers be more productive, sustainable, and agile. With more than 28,000 employees who make the world better every day, we know we have something special. Behind our customers - amazing companies that help feed the world, provide life-saving medicine on a global scale, and focus on clean water and green mobility - our people are energized problem solvers that take pride in how the work we do changes the world for the better.

We welcome all makers, forward thinkers, and problem solvers who are looking for a place to do their best work. And if that’s you we would love to have you join us!

Job Description

ICS OT Security team responsible for several cybersecurity assignments. One of the main tasks is delivering IDS (Intrusion Detection System) services such as deployment, tunning, data enrichment, reports generation, etc. in an ICS environment. An ICS OT Security role includes:

• IDS Deployment - IDS application deployment on customer site (remotely or on-site).
• IDS tuning - Removing, reducing, indicating assets or traffic causing an unwanted behavior. Ensuring the system is not overflowed with false-positive alerts., defining internal vs external assets, identifying misconfiguration/poorly chosen sources of incoming traffic, IT/Internet assets that generate a large amount of traffic/alerts, IT Assets that generate false positives, misconfigurations – e.g., broken shares causing login events, verify and set alert sensitivity.
• IDS Health check - Identify any technical issues with the system - System components time mis-synchronisation (OS and application level), Site security alert generation mechanism is working properly, Site Integrity alert generation mechanism is working properly, Site Syslog generation mechanism is working properly, identify bottlenecks.
• Reports – Creating customised / tailor-made reports from the customers to meet specific needs and requests based on Claroty IDS information gathered, high-level security overview report for executives.
• Customer Training - Deep technical Dive with System Demo, System capabilities explanation, Incident response Training, General purpose playbook.
• Network Coverage Validation - Ensuring incoming traffic matches expected network coverage. Internal VS external subnets configurations, traffic sniffing –connection breaks, Identify Unicast traffic, Identify mainly OT Traffic, Identify ICS expected vendors, Identify missing assets, Identify unexpected OT assets, Identify unsupported protocols.

Required skills:

• Minimum two years of experience with network or system troubleshooting.
• Basic network knowledge (security design and planning can be an advantage) – Hands-on experience is required.
• Deploy, tune, and maintain IDS (Intrusion Detection System) services in ICS environments. 
• Working Know how on Claroty or other similar IDS, Secure Remote Access tools.
• Basic knowledge in systems – configuring, operating (OS – Microsoft Servers, Linux, VMs, domain environments) – Hands-on experience is required.
• Cybersecurity or network certifications can be an advantage.

Minimum Qualifications:

• Bachelor's Degree in Electrical Engineering, Industrial Engineering, Computer Science or Information Technology or related technology-driven degree. If no degree, 5+ years of experience in Manufacturing Control Systems (OT), Network Engineering, and Cyber Security.
• Previous experience working as part of a large, multi-disciplinary global team completing full project life-cycle implementations.
• Travel RequirementsFlexibility for travel 10% - 20% is required and can include both domestic and international trips.
• Legal authorization to work in the country of residence is required.

This position will report to Execution Manager.

Certifications: 

Any one Security certifications as shared below: 

• Network: CCNA/CCNP/CCIE (at least 1 mandatory) 

• Virtualization: VCP/NCP (good to have) 

• Network Security: NSE4 (Fortinet) or similar for other firewalls (Palo Alto, CISCO etc) (good to have) 

• Cybersecurity:  IEC 62443, CompTIA Security+ or similar (atleast 1 mandatory) 

• CISSP, GICSP, CSSK, CISM, or similar are preferred. 

 Travel Requirements: 

• Flexibility for travel 10-30%, including both domestic and international trips. 

Benefits:

• The ability to collaborate with, learn from colleagues in a complex, global organisation.
• We provide a working environment with a creative company, paired with a great compensation package, great benefits, and a supportive atmosphere where you can sharpen with new challenges and development opportunities.
• Corporate Social Responsibility opportunities.
• Support from our 24/7 employee assistance program.
• We are committed to equal employment opportunity regardless of race, colour, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender, gender identity or expression, or veteran status. We are proud to be an equal opportunity workplace.At Rockwell Automation we are dedicated to building a diverse, inclusive and authentic workplace, so if you're excited about this role but your experience doesn't align perfectly with every qualification in the job description, we encourage you to apply anyway. You may be just the right person for this or other roles.

#LI-Hybrid

#LI-RS1

Rockwell Automation’s hybrid policy aligns that employees are expected to work at a Rockwell location at least Mondays, Tuesdays, and Thursdays unless they have a business obligation out of the office.