Rockwell Automation is a global technology leader focused on helping the world's manufacturers be more productive, sustainable, and agile. With more than 28,000 employees who make the world better every day, we know we have something special. Behind our customers - amazing companies that help feed the world, provide life-saving medicine on a global scale, and focus on clean water and green mobility -our people are energized problem solvers that take pride in how thework we do changes the world for the better.
We welcome all makers, forward thinkers, and problem solvers who are looking for a place to do their best work. And if that's you we would love to have you join us!
Job Description
PAM Analyst
Job Location : Pune/Bangalore/Noida
Job Summary:
This role is responsible for securing API access, secrets, and machine credentials using industry‑standard secrets management solutions. The focus will be on integrating a secure vault with SaaS, on‑premises, and hybrid applications used across Rockwell Automation. The position ensures secure handling of sensitive credentials while enforcing security policies for API interactions.
You will report to the Enterprise IAM Leader.
Your Responsibilities:
- Onboard Rockwell Automation enterprise applications onto the secrets management solution such as HashiCorp Vault or CyberArk Conjure
- Establish and standardize processes for secrets management onboarding, offboarding, and operational support.
- Design and implement API security policies and controls, including authentication, authorization, encryption, and threat detection.
- Secure API integrations across platforms in alignment with enterprise security standards and compliance requirements.
- Identify opportunities to automate manual processes to improve efficiency and security posture.
- Manage application secrets and credentials, including policy enforcement and automated rotation.
- Automate security configurations and enforcement using infrastructure‑as‑code and configuration management tools.
- Collaborate closely with DevOps, IAM, and application teams to embed security controls throughout the API lifecycle and CI/CD pipelines.
- Conduct API security assessments, and remediation planning.
- Monitor API traffic and logs for anomalies and respond to API‑related security incidents.
- Implement secure API authentication and authorization mechanisms leveraging vault technologies.
- Ensure secure data handling practices for all API interactions.
- Gather business requirements and provide guidance and walkthroughs for integrating SDKs and API services with Secrets and IAM platforms.
- Participate in on‑call support rotations as required.
- Work independently and collaboratively as part of the Privileged Access Management and Non‑Human Identity team.
The Essentials - You Will Have:
- Bachelor's or Master's degree in Computer Science, Software Engineering, Management Information Systems, or a related field, or equivalent practical experience.
- 5-8 years of experience in cybersecurity with a strong focus on API security and secrets or vault management.
- Hands‑on experience with enterprise secrets management solutions such as HashiCorp Vault or CyberArk Conjur.
The Preferred - You Might Also Have:
- Experience with API security platforms such as MuleSoft, Apigee, or AWS API Gateway or Salt.
- Familiarity with automation and configuration management tools (e.g. Ansible, Terraform).
- Strong understanding of OAuth 2.0, OpenID Connect, JWT, and API gateway security patterns.
- Experience working in cloud‑native environments (AWS, Azure, or GCP).
- Proficiency in scripting and automation using Python, Bash, or YAML.
- Relevant security certifications (e.g., CISSP, CCSP, GIAC, or API‑specific certifications).
- Experience with container security and Kubernetes environments.
What We Offer:
Our benefits package includes …
- Comprehensive mindfulness programme with a premium membership to Calm.
- Volunteer Paid Time off available after 6 months of employment for eligible employees.
- Company volunteer and donation matching programme - Your volunteer hours or personal cash donations to an eligible charity can be matched with a charitable donation.
- Employee Assistance Program.
- Personalised wellbeing programmes through our OnTrack programme.
- On-demand digital course library for professional development.
... and other local benefits!
#LI-Hybrid
#LI-SM1
Rockwell Automation's hybrid policy aligns that employees are expected to work at a Rockwell location at least Mondays, Tuesdays, and Thursdays unless they have a business obligation out of the office.
