Software Supply Chain Security Engineer

If you are a professional in Software Security or Cyber Security looking for an opportunity to grow, Emerson has an opportunity for you! In either our Shakopee MN or Boulder, CO office, we are hiring for the role of Software Supply Chain Security Engineer. 

You will play a pivotal role in ensuring the security and integrity of the software supply chain across the organization.

This position will focus on Software Bill of Materials (SBOM) management, secure software supply chain practices, and multi-functional collaboration to strengthen cybersecurity across all Emerson software products.

While this role is deeply integrated with SDLC processes, it does not directly manage them but works closely with development, security, and operations teams to drive adoption of standard processes in secure software supply chain management. 

In this Role, Your Responsibilities Will Be:


* Lead SBOM Management Across the Organization:
+ Develop and implement SBOM policies and governance to improve software supply chain transparency.
+ Support product teams in crafting, maintaining, and analyzing SBOMs, ensuring compliance with security and regulatory requirements.
+ Provide insights on vulnerabilities, licensing risks, and component dependencies across product portfolios.


* Enhance Secure Software Supply Chain Practices:
+ Establish and promote standard processes for securing third-party and open-source software components across Emerson’s software ecosystem.
+ Ensure alignment with emerging industry regulations, executive orders, and security frameworks (NIST SSDF, ISO 27001, IEC 62443, etc.).
+ Work closely with product security teams to identify gaps in software supply chain security and provide recommendations for improvement.


* Collaborate with Development and Security Teams:
+ Partner with engineering, DevOps, and security teams to integrate secure software supply chain practices without redefining workflows.
+ Act as a trusted advisor on software supply chain risks, ensuring secure development and deployment practices.


* Drive Compliance and Governance Efforts:
+ Align Emerson’s software security policies with SBOM-related regulatory requirements (e.g., U.S.

Executive Order 14028, NIST guidance, and emerging global regulations).
+ Conduct security assessments to evaluate supply chain risks and help teams implement mitigation strategies.
+ Support audit readiness by providing accurate SBOM documentation and vulnerability management reports.


* Foster a Culture of Secure Software Development:
+ Develop and deliver training programs and best practice guides on software supply chain security.
+ Stay ahead of emerging threats, attack vectors, and industry trends to continuously improve security strategies.

Who You Are:
 
You quickly and decisively take actions in fact-changing, unexpected situation...