Cyber Defense Engineer, Contract Capabilities
Colombia Bogota
Rockwell Automation
Rockwell Automation is a global technology leader focused on helping the world’s manufacturers be more productive, sustainable, and agile. With more than 28,000 employees who make the world better every day, we know we have something special. Behind our customers - amazing companies that help feed the world, provide life-saving medicine on a global scale, and focus on clean water and green mobility - our people are energized problem solvers that take pride in how the work we do changes the world for the better.
We welcome all makers, forward thinkers, and problem solvers who are looking for a place to do their best work. And if that’s you, we would love to have you join us!
Job Description
As an OT Cybersecurity Detection Engineer, you will be responsible for designing, implementing, and managing detection strategies and tools to respond to cyber threats targeting critical OT/ICS environments. You will work with both internal and external cyber security teams to ensure the security and resilience of our industrial infrastructure. We are looking for an understanding of OT protocols, industrial control systems, OT threat intelligence and cybersecurity best practices.
We are looking for a resource experienced in detection engineering and vulnerability management. You will work on the engineering integration of Verve and build market-differentiating IP into our SMR and vulnerability management services. You will use threat intelligence and collaborate with S&C security teams to create IP, such as OT detection rules and vulnerability management processes.
You will report to the Global Engineering Manager.
Your Responsibilities:
- You will develop detection rules, correlation searches, and alerting mechanisms within our Security Information and Event Management (SIEM) and other security monitoring tools specifically tailored for OT environments.
- You will analyze OT network traffic, system logs, and security events to identify suspicious activity, anomalies, and potential security incidents.
- You will maintain an understanding of OT protocols (e.g., Modbus, DNP3, IEC 61850), industrial control systems (e.g., PLC, SCADA, DCS), and their possible security effects.
- You will collaborate with OT operations and engineering teams to understand their processes and potential vulnerabilities.
- You will tune and improve detection rules to minimize false positives and ensure high-fidelity alerts.
- You will maintain documentation for detection strategies, rules, and incident response procedures specific to OT.
- You will participate in incident response activities related to OT cybersecurity incidents, providing technical expertise in detection and analysis.
- You will contribute to the development of OT security policies, standards, and procedures.
- You will stay up-to-date on the latest OT cybersecurity threats, vulnerabilities, and mitigation techniques.
- You will recommend new security tools relevant to OT detection capabilities.
- You will collaborate with IT security teams to guarantee a cohesive and integrated security posture across both IT and OT environments.
- You will develop and deliver training or awareness sessions on OT-specific detection techniques for relevant teams.
The Essentials - You Will Have:
- Bachelor's degree in engineering or any other field with equivalent experience.
The Preferred - You Might Also Have:
- 2+ years of experience with OT protocols, architectures, and common industrial control systems.
- 2+ years of experience with SIEM/SOAR platforms and developing custom correlation rules and alerts.
- 2+ years of experience analyzing network traffic using tools like Wireshark and understanding OT-specific network protocols.
- Knowledge of common cybersecurity frameworks and standards relevant to OT (e.g., NIST SP 800-82, IEC 62443).
- Familiarity with threat intelligence sources and their application to OT environments.
- Understand internal or external customer needs.
What We Offer:
Our benefits package includes …
- Comprehensive mindfulness programs with a premium membership to Calm
- Volunteer Paid Time off available after 6 months of employment for eligible employees.
- Company volunteer and donation matching program – Your volunteer hours or personal cash donations to an eligible charity can be matched with a charitable donation.
- Employee Assistance Program
- Personalized wellbeing programs through our OnTrack program
- On-demand digital course library for professional development... and other local benefits!