Cyber Security Data Engineer, Contract Capabilities

Rockwell Automation is a global technology leader focused on helping the world’s manufacturers be more productive, sustainable, and agile. With more than 28,000 employees who make the world better every day, we know we have something special. Behind our customers — amazing companies that help feed the world, provide life-saving medicine on a global scale, and focus on clean water and green mobility — our people are energized problem solvers who take pride in how the work we do changes the world for the better.

We welcome all makers, forward thinkers, and problem solvers who are looking for a place to do their best work. And if that’s you, we would love to have you join us!

As an OT Cybersecurity Data Engineer, you will be responsible for designing, implementing, configuring, and testing our Security Information and Event Management (SIEM) system, with a focus on integrating and analyzing data from critical OT/ICS environments. You will collaborate closely with cybersecurity teams to monitor, detect, and report security threats within industrial infrastructure. This role requires a strong understanding of SIEM and SOAR technologies, OT protocols, and cybersecurity best practices. You will report to the Global Engineering Manager, Contract Capabilities, and this position is fully remote, based anywhere in Poland.

1. Design, implement, and test SIEM and SOAR solutions tailored for OT environments, considering their unique challenges and protocols.
2. Integrate various OT data sources (e.g., IDS, EDR, control system logs, network traffic from industrial protocols) into the SIEM platform.
3. Develop and maintain custom parsers, normalizers, and correlation rules to effectively analyze OT-specific logs and events within the SIEM.
4. Optimize and manage SIEM for OT environments — configure, tune, and maintain the SIEM platform to ensure high-performance security monitoring with actionable insights.
5. Enhance security detection and integration — collaborate with OT and IT security teams to refine SIEM alerts, reduce false positives, and integrate security events across both environments.
6. Drive cybersecurity awareness and improvements — stay updated on OT security threats, document SIEM architecture, recommend new features, and provide training for security analysts.

1. SIEM expertise & OT integration — experience with SIEM platforms, OT data sources, and security event analysis (e.g., Sumo Logic, Palo Alto Cortex XSOAR).
2. Industrial systems & protocols — understanding of OT protocols, industrial control systems, and logging mechanisms.
3. Technical skills & automation — proficiency in parsing log formats, scripting languages (Python, PowerShell), and SIEM rule development.
4. Security frameworks & threat intelligence — knowledge of OT security standards (NIST SP 800-82, IEC 62443) and threat intelligence platforms.
5. Problem-solving & collaboration — troubleshooting abilities and effective collaboration across technical and non-technical teams.
6. Teamwork — ability to excel in complex environments with geographically dispersed teams.

• High level of IPC to keep up with evolving technology, understanding complex technology dependencies, and working across a range of service offerings leveraging various technologies and partners.

Our benefits package includes:

• Comprehensive mindfulness programs with a premium membership to Calm
• Volunteer Paid Time off available after 6 months of employment for eligible employees
• Company volunteer and donation matching program — your volunteer hours or personal cash donations to an eligible charity can be matched with a charitable donation
• Employee Assistance Program
• Personalized wellbeing programs through our OnTrack program
• On-demand digital course library for professional development

... and other local benefits!

At Rockwell Automation, we are dedicated to building a diverse, inclusive, and authentic workplace. If you're excited about this role but your experience doesn't align perfectly with every qualification in the job description, we encourage you to apply anyway. You may be just the right person for this or other roles.

#LI-Remote

#LI-AJ1