Rockwell Automation is a global technology leader focused on helping the world’s manufacturers be more productive, sustainable, and agile. With more than 28,000 employees who make the world better every day, we know we have something special. Behind our customers - amazing companies that help feed the world, provide life-saving medicine on a global scale, and focus on clean water and green mobility - our people are energized problem solvers that take pride in how the work we do changes the world for the better.

We welcome all makers, forward thinkers, and problem solvers who are looking for a place to do their best work. And if that’s you we would love to have you join us!

Job Description:

Job Description

PAM Security Analyst

Job Location : Pune/Bangalore

Job Summary:

The PAM Security Analyst acts as a crucial liaison between business stakeholders, development teams, and security engineers to implement secure access mechanisms. The primary responsibility is to design and implement security requirements for applications and APIs leveraging tools such as Hashi Corp and Cyber Ark Vault. You will translate business needs and security policies into technical specifications for development and ensure that authentication and authorization processes meet security standards and compliance regulations.

You will report to the Enterprise IAM Leader.

Your Responsibilities:

• Collaborate with product owners, architects, and business stakeholders to define and document business requirements related to secret management, privileged access management and access control.
• Conduct interviews and workshops to gather and clarify security-related business requirements for our privileged access across applications including APIs.
• Work with technical teams to design and implement API security policies and access models within privileged access management and secrets management solutions.
• Translate access management business needs into actionable specifications, including authentication methods (e.g., JWT, OAuth), request-response formats, and policy-based authorization.
• Create detailed documentation, security policies, and procedural guides for developers and other internal teams to secure applications.
• Provide operational support for the suite of privileged management solutions (e.g., Cyber Ark, Hashi Corp Vault, PKI), including implementing hot fixes, resolving bugs, troubleshooting issues, performing break-fixes, managing secrets lifecycle, and delivering end-user support.
• Develop and deliver training to internal teams on Vault integration and application security best practices. Conduct application security assessments, penetration testing, and remediation planning with a focus on access management components.
• Design appropriate data access controls to secure applications.
• Ensure that PAM and application security measures follow regulatory and compliance standards (e.g., ISO 27001, NIST, GDPR, etc.).
• Support internal and external audits.

The Essentials

You Will Have:

• Bachelor's / Masters Degree in computer science, software engineering, management information systems, or related field or equivalent relevant years of experience.
• Requires minimum 5-8 years of experience in Cyber Security, Privileged Access Management and vault solutions.

· Experience with secrets management solutions (e.g., Hashi Corp Vault, Cyber Ark Conjur).

The Preferred

You Might Also Have:

• Working knowledge of Hashi Corp Vault and its components, including secret engines (KV, PKI, Transit), auth methods, and policies.

• Knowledge of privileged access management methodologies and techniques for on-prem and Cloud implementation.

• Knowledge of application authentication and authorization systems (i.e., Active Directory, o Auth 2.0, OIDC, AWS IAM, App Role, k8s, LDAPS, Kerberos, Certificate)

• Experience defining security for REST APIs, including knowledge of JSON, API security best practices, and authentication protocols (OAuth, JWT).

• Experience with API testing tools such as Postman or SoapUI.

• Familiarity with modern software development methodologies (Agile, Scrum) and DevOps practices.

• Ability to translate complex business needs into clear, actionable technical requirements.

• Proficiency with visualization and documentation tools (e.g., Visio, Confluence, or JIRA).

• Familiarity with configuration management and automation tools (e.g., SALT, Ansible, or Terraform).

• Experience with OAuth2, OpenID Connect, JWT, and API gateway security patterns.

• Experience working with cloud-native environments (AWS, Azure, or GCP).

What We Offer:

Our benefits package includes …

• Comprehensive mindfulness programme with a premium membership to Calm.
• Volunteer Paid Time off available after 6 months of employment for eligible employees.
• Company volunteer and donation matching programme – Your volunteer hours or personal cash donations to an eligible charity can be matched with a charitable donation.
• Employee Assistance Program.
• Personalised wellbeing programmes through our On Track programme.
• On-demand digital course library for professional development.

... and other local benefits!

At Rockwell Automation we are dedicated to building a diverse, inclusive and authentic workplace, so if you're excited about this role but your experience doesn't align perfectly with every qualification in the job description, we encourage you to apply anyway. You may be just the right person for this or other roles.

Rockwell Automation’s hybrid policy aligns that employees are expected to work at a Rockwell location at least Mondays, Tuesdays, and Thursdays unless they have a business obligation out of the office.