Senior Product Security Engineer

Rockwell AutomationMilwaukee, WI
7dHybrid
Match Resume

About The Position

The Product Security Engineer secures embedded products, firmware, and industrial components across the full product lifecycle. Your role combines firmware security, secure architecture, reverse engineering, and secure development lifecycle practices. You will report to the Product Security Leader/Officer (PSL) and partner with engineering teams through the engineering Vee to mature security controls in high-visibility industrial products used worldwide. This role is not in IT security, nor Operational Security. You will work with Product Engineering Teams. You will get to see your secured products manufactured then sold and placed into Operational Technology Environments. You will assess vulnerabilities, analyze SBOM and CVE data, model threats, score risk, and support secure-by-design decisions. You will help create and refine security controls such as secure boot, trusted hardware, cryptographic protections, and secure update mechanisms. You will also assist teams during design reviews, testing, debugging, and remediation activities. You will evaluate diagnostics, logs, test results, and firmware images to identify weaknesses or anomalies. You will have lifecycle responsibility for threat model components which will be used by Security Champions for Models. The components will use VAST, LINDDUN, IEC 62443, NIST 800-53/800-82, and Common Criteria evaluation techniques. You will lead evaluations of Threat model Dispositions. You will help ensure products meet secure software development framework (SSDF) DevSecOps processes and support operational security requirements for products which are deployed in OT environments. This is a product security engineering role focused on embedded systems, firmware, industrial protocols, and secure architecture. It is not an IT Security, Network Security, or Operational Security role. The work directly supports downstream SOC, audit, and enterprise cybersecurity teams by ensuring products are secure from the start.

Requirements

  • Bachelor's degree in Computer Engineering, Computer Science, Electrical Engineering, or a related field.
  • Legal authorization to work in the U.S. We will not sponsor individuals for employment visas, now or in the future, for this job opening.

Nice To Haves

  • Typically requires 8+ years of experience in embedded systems, firmware development, cybersecurity, or product security.
  • Proficiency in C/C++, embedded operating systems, microcontrollers, Linux, Infrastructure as Code and device drivers.
  • Your experience with secure boot, TPM, cryptography, and firmware signing will be critical to project success.
  • Experience using debugging, tracing, or reverse engineering tools.
  • Experience performing vulnerability analysis or threat modeling.
  • You will need to explain complex issues to both technical and non-technical audiences.
  • You will collaborate across discipline teams.
  • You will help set priorities for project deliverables.
  • Experience with industrial or real-time embedded systems.
  • Experience with IEC 62443, NIST 800-53, NIST 800-82, or Common Criteria.
  • Experience with fuzzing, dynamic testing, exploit analysis, or binary instrumentation.
  • Experience with secure build systems, CI/CD pipelines, or DevSecOps tools like Puppet, Ansible, Coverity, Blackduck, Jfrog, Cybeats, and Jenkins.
  • Knowledge of ICS protocols such as CIP, CAN, SPI, I2C, UART, Modbus, or IO-Link.
  • Security certifications such as CISSP, CSSLP, OSCP, GPEN, GREM, or IEC 62443.
  • Experience mentoring engineers or supporting security champions.
  • Travel, including internationally, up to 25% of time.

Responsibilities

  • Embedded & Firmware Security Design, review, and improve security controls for firmware, bootloaders, trusted hardware, and cryptographic modules.
  • Analyze firmware and binaries using tools such as Ghidra, IDA Pro, Binary Ninja, or similar.
  • Support secure coding practices for C/C++ and embedded operating systems.
  • Security Architecture & Cross-Team Collaboration Partner with architects and engineering leads to apply secure design principles.
  • Support architecture reviews and technical discussions for products in the entire spectrum of their life cycle from cradle to grave.
  • Align engineering teams with secure development frameworks such as SSDF, DSOD, and secure lifecycle processes.
  • Provide applicable recommendations and rationale to help resolve security design decisions.
  • Threat Modeling & Vulnerability Analysis You will support threat models components as part of the Secure Development Life Cycle process.
  • Your components will use VAST, LINDDUN, IEC 62443, NIST 800-53/82, CAPEC, Emb3d, ATT&CK, OWASP and Common Criteria frameworks.
  • Identify attack surfaces, trust boundaries, misuse cases, and system risks.
  • Evaluate SBOM data, CVEs, CWE/CAPEC mappings, and analysis reports.
  • Document risk summaries and security requirements that guide engineering.
  • Offensive Security & Validation Reproduce reported vulnerabilities using debugging, tracing, instrumentation, or reverse engineering techniques.
  • Build proof-of-concept straw men to validate solutions, estimate severity and support prioritization.
  • Partner with firmware and hardware teams to design and verify mitigations.
  • DevSecOps & Lifecycle Support Contribute to secure build processes, CI/CD workflows, and automated testing.
  • Support verification and validation of security controls across development, testing, and manufacturing.
  • ICS/OT Secure Design Review ICS/OT interfaces and protocols such as CIP, CAN, SPI, I2C, UART/RS-485, IO-Link, and Modbus.
  • Support secure integration for industrial sensing, safety, and communication products.
  • Leadership & PSL Partnership Communicate security risks, mitigations, and recommendations clearly to multiple audiences.
  • Participate in secure design reviews, internal audits, and compliance activities.
  • You will mentor engineers and help development the cyber competency of the security champions.

Benefits

  • Health, Medical, Dental, Vision, Life & Disability Insurance
  • 401k
  • Paid Time off
  • Parental and Caregiver Leave
  • Flexible Work Schedule where you will work with your manager to enjoy a work schedule that can be flexible with your personal life.
  • Opportunities to influence secure product architecture and embedded cybersecurity for global OT systems.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume

What This Job Offers

Job Type

Full-time

Career Level

Senior

Number of Employees

5,001-10,000 employees

Job Search Resources

Similar Senior Product Security Engineer job opportunities

Senior Security Engineer, Product Security
The Walt Disney Company
The Walt Disney Company • Burbank, CA13d
Senior Product Security Engineer
Aurora Innovation
Aurora Innovation • Mountain View, CA3d
Senior Product Security Engineer
Hewlett Packard Enterprise
Hewlett Packard Enterprise • San Juan, PR13d • Hybrid
Senior Product Security Engineer
LMArena
LMArena5d
🔥 New JobSenior Product Security Engineer
Hewlett Packard Enterprise
Hewlett Packard Enterprise • San Juan, PR14h • Hybrid
Senior Product Security Engineer
Boeing
Boeing • Berkeley, MO10d • Onsite
Explore More Jobs

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service