The Security Test Engineer will be responsible for vulnerability analysis and the implementation of penetration vulnerabilities with Rockwell Automation products. Projects include all phases of a product lifecycle: requirements gathering, software architecture, software design, implementation, automation, and maintenance.
The candidate will be a member of a small to medium-sized multi-location team. He or she will collaborate with their team and other teams on a regular basis.
The candidate will be required to identify and implement new tools and frameworks to enhance penetration and vulnerability test coverage. Maintaining and enhancing existing penetration tools will also be expected.
- Takes direction in the development of Security Penetration Test strategies and frameworks.
- Develops Penetration Test procedures for multiple groups.
- Performs complex Penetration Test investigations, reporting problems encountered and documenting results for follow-up.
- Demonstrates strong knowledge of software Security Test techniques.
- Participates in software/product design and implementation reviews as they relate to Security.
- Stays on top of the "vulnerability landscape" and is up-to-date on current attacks or potential attacks. Where applicable, evaluates the potential impact of publicly identified attacks on our product portfolio.
- Provides input into the design and implementation of product and system test set-ups as related to Security Test.
- Performs vulnerability assessments and devises mitigation plans. Leadership
- Considered a Security resource within the department.
- Leads the reviews of internal and external penetration test plans.
- Ability to drive change within the Security Test organization.
- Ability to influence the design and architecture of the product to meet the needs of Security Test.
- Commands respect from their own team and product teams.
- Adapts to change by identifying needs, adjusting, and working with others as appropriate to implement initiatives.
- Gain and maintain the support of stakeholders and decision makers required to achieve product quality goals.
- Leverages own expertise by sharing lessons learned, documenting processes, contributing to team de-briefs, etc.
- Adheres to policies and procedures relating to standards of business conduct, ethics, and conflicts of interest and completes annual training in same.
Who we're looking for?
Minimum of a Bachelor of Science in Computer Science, Computer Engineering or equivalent with concentration in software; or equivalent knowledge in Security Test engineering.
- Typically requires a minimum of 2 years’ experience in Security Test Automation, Software Testing, Software Development, Applications Engineering, Technical Support, or other Security Test roles.
- Strong knowledge of Security Test, Penetration testing, and vulnerability analysis.
- Network and File Fuzzing of open protocols and formats
- Experience with common software programming languages such as Python.
- Excellent verbal and written communication skills.
- Passion for Security Test, Penetration testing, and vulnerability analysis.
- Protocol and File Fuzzing of open protocols and formats
- Experience with Rockwell Automation products or other industrial control equipment.
- Experience with the Python programming language.
- Experience working with VMs.
- Web Application Penetration Test
- Network Penetration Test
- Software Reverse Engineering (Windows and/or Embedded OS)
- Hardware Reverse Engineering
- Working knowledge of OWASP top 10
- Certifications such as CISSP, CEH, GICSP, GPEN, GXPN, and/or GWAPT.
- Healthcare package
- Healthcare package for families
- Leisure package
- Leisure package for families
- Financial bonus
- Cold beverages
- Hot beverages
- Car parking
- Bicycle parking