Schneider Electric™creates connected technologies that reshape industries, transform cities and enrich lives. Our 160,000 employees thrive in more than 100 countries. From the simplest of switches to complex operational systems, our technology, software and services improve the way our customers manage and automate their operations.Help us deliver solutions that ensure Life Is On everywhere, for everyone and at every moment: https://youtu.be/NlLJMv1Y7Hk .
Great people make Schneider Electric a great company.
Cyber Security Professional
The Cyber Security Professional is responsible for supporting the Regional CISO to establishing and maintaining an enterprise-wide information risk security/privacy program while ensuring tight linkage with the overall corporate strategy. The CISO is responsible for the security necessary to support business needs which include: developing, implementing, and monitoring enterprise-wide initiatives to reduce information security risks, promoting utilization of industry standards and best practices, tracking violations of privacy and security, identifying security trends and evolving technologies, reporting information security risks in a manner that meets compliance and regulatory requirements, and communicating effectively with Sr. Leadership about related information security issues and implications to the enterprise.
The Americas CISO has direct reporting from a small team of experts in the region to carry out the information security program, coordinates with regional teams located in APAC and EMEA, and the IT SOC.
This role is based preferably in the Northeast region of the United States.
· Broad experience in IT technology, in particular in networks, data center, cloud operation
· Product security design, Secure Coding and testing, Software lifecycle
· Working knowledge of various Cyber Security Frameworks and Certifications
· General security certification (CISSP, CISM or equivalent)
Soft Skills :
· Capability to operate in a matrix environment while being outcome driven
· Analytic, problem solving skills
· Strong project management, diplomacy and communication skills.
Work directly with and in support of the Regional CISO to:
· Influence directly and indirectly a diverse and highly disciplined team of IT security professionals within Schneider Digital and the multiple Business Units.
· Independently manage, directly and indirectly, Schneider Digital partner's and key stakeholder's during the investigation of incidents involving the network, products and its users to achieve the most favorable outcomes.
· Provide support to the Head of the Security Operations Center through the development of security services deployment both internally and externally to Schneider-Electric.
· Assist the Global and Regional CISO's coordinate and assimilate the cyber security program with the Chief Security Officers and Chief Technology Officers imbedded in the business units
· Become proficient in the Digital Security Policies and Procedures.
· Assess vulnerabilities to the IT systems and provide risk-based solutions to maintain data integrity.
· Oversee execution of approved information security projects and internal/external audits being conducted within the region and provide regular status reporting on progress of such projects.
· Design and implement an appropriate level of mitigation to address any audit findings.
· Provide security and operational oversight for third party outsourcing contracts, minimize risks associated with third party services including reputational, compliance and transactional risks.
· Manage the implementation and compliance of all IT security policies and procedures.
· Communicate clearly, concisely and regularly with key internal business leaders and external stakeholders the Schneider Information Security strategy and the status of its implementation.
· Collaborate across the Enterprise with other functional areas to achieve data protection objectives. Internal partners will include but not be limited to Human Resources, Data Privacy Office, Legal and Finance.
· Collaborate with the Global IT departments to ensure information security risks in both ongoing and planned operations are properly considered and that all compliance matters are being adhered to as required.
· Identify and propose key information security program priorities, initiatives, plans, practices and tools.
· Provide guidance (e.g., information security risk severity assessments / relative cost benefit analysis etc.) and provide recommendations regarding prioritization of investments and projects that mitigate risks, strengthen defences and reduce vulnerabilities.
· Monitor information security trends and evolving technologies and keep senior management informed about related information security issues and implications for the Enterprise.
· Understand potential and emerging information security threats, vulnerabilities, and control techniques and communicate this information to other Digital Security colleagues and the Senior Vice President-CISO on a timely basis.
· Provide guidance to business units as necessary to investigate security breaches and to pursue associated potential disciplinary and legal actions in collaboration with Human Resources and Legal counsel as appropriate.
· Maintain relationships with local, state, and federal law enforcement and related government agencies.
· Travel approximately 15-20%.
Ideal candidate profile
· Bachelor's degree in Information Security, Computer Science, Information Management Systems, Business/Accounting or related field or related experience
· Minimum 10 years of experience in IT Security, IT Audit or related area
· Strong technical skills relevant to Information Security such as secure coding standards, ethical hacking techniques, network security, and risk analysis
· Familiarity with Information Security industry standards/best practices and relevant regulations (e.g., PCI DSS, GDPR, NIST, ISO,HIPPA)
· Strong practical knowledge of Incident Response and Crisis Management practices – Ten years of active internal investigations or incident response experience desirable.
· Ability to learn and adapt to changing environments while maintaining operational capability.
· Experience developing and implementing information security policies, standards, and procedures.
· Experience reviewing customer and vendor contracts involving security best practices
Behavioral / Interpersonal :
· Proven capacity to operate in complex multi-national corporate environment under stress. Working closely with people from culturally and geographically diverse backgrounds and the flexibility to accommodate time zone challenges.
· Strong ability to communicate complicated technical concepts to non-technical staff and senior leadership.
· Proven ability to maintain strict confidentiality of data and materials
· Solid understanding of organizational goals and objectives as aligned to the business.
· Demonstrated personnel/project management skills.
· A self-starter who can deliver on key work-streams without continual oversight.
We seek out and reward people for being straightforward, open, passionate, effective and challenging the status quo. We want our employees to reflect the diversity of the communities in which we operate. We welcome people as they are, creating an inclusive culture where all forms of diversity are seen as a real value for the company. We're looking for people with a passion for success — on the job and beyond. See what our people have to say about working for Schneider Electric: https://youtu.be/6D2Av1uUrzY .
Let us learn about you! Apply today.
You must submit an online application to be considered for any position with us. This position will be posted until filled.
It is the policy of Schneider Electric to provide equal employment and advancement opportunities in the areas of recruiting, hiring, training, transferring, and promoting all qualified individuals regardless of race, religion, color, gender, disability, national origin, ancestry, age, military status, sexual orientation, marital status, or any other legally protected characteristic or conduct.
Concerning agencies: Schneider Electric does not accept unsolicited resumes and will not be responsible for fees related to such.
Schneider Electric is an Equal Opportunity Employer Minorities/Women/Veterans/Disabled.