Rockwell Automation is a global technology leader focused on helping the world’s manufacturers be more productive, sustainable, and agile. With more than 28,000 employees who make the world better every day, we know we have something special. Behind our customers – amazing companies that help feed the world, provide life-saving medicine on a global scale, and focus on clean water and green mobility – our people are energized problem solvers that take pride in how the work we do changes the world for the better.
We welcome all makers, forward thinkers, and problem solvers who are looking for a place to do their best work. And if that’s you, we would love to have you join us!
Responsibilities
Job Description
- Monitor security event logs and alerts generated by various security tools and systems.
- Perform initial triage of security incidents to determine the nature and severity of the event.
- Investigate and analyze security incidents, including unauthorized access attempts, malware infections, phishing attempts, and other suspicious activities.
- Document incident details, analysis findings, and response actions taken following established procedures.
- Escalate incidents that require further investigation or response to Level 2 or Level 3 analysts as appropriate.
- Participate in security incident response exercises and drills to ensure preparedness for real-world incidents.
- Stay informed about the latest cybersecurity threats, vulnerabilities, and trends.
- Collaborate with cross-functional teams to enhance the organization’s overall security posture.
- Provide timely and accurate communication to stakeholders regarding security incidents and remediation efforts.
Requirements
- Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or related field (or equivalent work experience).
- Strong understanding of cybersecurity principles, concepts, and best practices.
- Knowledge of common network protocols, operating systems, and security technologies.
- Familiarity with security information and event management (SIEM) tools and log analysis techniques.
- Experience with endpoint security solutions, intrusion detection/prevention systems, and firewalls.
- Ability to analyze and interpret security event data to identify potential threats and vulnerabilities.
- Excellent problem-solving skills and attention to detail.
- Effective communication skills, both verbal and written. Ability to work collaboratively in a team environment and adapt to changing priorities.
- Relevant cybersecurity certifications such as CompTIA Security+, CEH (Certified Ethical Hacker), or equivalent certifications are a plus.
Preferred Qualifications
- Experience working in a security operations center (SOC) or similar environment. (Microsoft Sentinel is a bonus.)
- Familiarity with industry frameworks and standards such as NIST Cybersecurity Framework, ISO 27001, or Cyber Kill Chain.
- Experience with incident response procedures and methodologies.
- Experience creating and running search queries in SIEM tools to detect security violations.
- Ability to work effectively under pressure in a fast-paced environment.