Milwaukee, Wisconsin, United States Cleveland, Ohio, United States Rockwell Automation is a global technology leader focused on helping the world's manufacturers be more productive, sustainable, and agile. With more than 28,000 employees who make the world better every day, we know we have something special. Behind our customers - amazing companies that help feed the world, provide life-saving medicine on a global scale, and focus on clean water and green mobility -our people are energized problem solvers that take pride in how thework we do changes the world for the better. We welcome all makers, forward thinkers, and problem solvers who are looking for a place to do their best work. And if that's you we would love to have you join us! Job Description At Rockwell Automation, we bring together the imaginations of people with the potential of technology to expand what is humanly possible, making the world more intelligent, more connected and more productive. Our mission is to improve the quality of life by making the world more productive and sustainable. Our technologies are used globally to deliver important services, such as power and water, and to enable critical manufacturing. Reporting to the Global Incident Management Leader, you will work with a high-performing team of like-minded individuals passionate about ensuring that our products are delivered with the highest levels of security and safety. You will work with an array of technologies in software, IoT, cloud, and embedded systems. Join us in the Enterprise Cybersecurity Team as we deliver safe, and secure technologies to protect our global community and the important services and goods they provide. Job Responsibilities Include: Monitor dashboards and intrusion detection and prevention systems (IDS/IPS) Perform initial analysis and investigation into alerts as they are seen (to include anti-virus and phishing alerts Perform initial malware analysis utilizing automated means Support cyber defense functions to protect our clients from cyber security incidents that have potential to cause negative impact Incident intake, ticket updates and reporting of cyber events Use SOC monitoring devices (SIEM, IDS, DLP) to review pre-defined events indicative of incidents Understand, identify and research IOCs Upload packets and evaluate source/destination activity and payloads Assist in recommendations for content to detect incidents, including IOCs for blocking and detection Participate in security incident response exercises and drills to ensure preparedness for real-world incidents. Stay informed about the latest cybersecurity threats, vulnerabilities, and trends. Collaborate with teams to enhance our overall security posture. Provide communication to team members regarding security incidents and remediation efforts. You will be asked to work a shift schedule and support coverage efforts on a 24x7x365 basis which includes work on holidays, nights, & weekends. Basic Qualifications: Bachelor's Degree OR equivalent experience Legal authorization to work in the US is required. We will not sponsor individuals for employment visas, now or in the future, for this job opening. Preferred Qualifications: Typically requires a minimum of 2 years in incident response Security+ Certification and 6+ months of Cyber or Help Desk IT Work Experience in a professional environment Experience monitoring Antivirus, Intrusion Detection Systems, Firewalls, Active Directory, Web Proxies, Vulnerability Assessment tools and other security tools found in large enterprise network environments Experience working with Security Information and Event Management (SIEM) solutions Familiarity with multiple network and host based security applications and tools, such as network and host assessment/scanning tools, network and host based intrusion detection systems, and other se