We have an opportunity for a Product Cybersecurity Officer for Schneider Electric Energy Management Business.
Schneider Electric creates connected technologies that reshape industries, transform cities and enrich lives. Our 135,000+ employees thrive in more than 100 countries. From the simplest of switches to complex operational systems, our technology, software and services improve the way our customers manage and automate their operations. Help us deliver solutions that ensure Life Is On everywhere, for everyone and at every moment.
Great people make Schneider Electric a great company.
What do you get to do in this position?
· Ensure that the products from the Energy Management Business of Schneider Electric meet the customer expectations, are compliant with worldwide regulations and are comparable to competitors offers in order to maintain business continuity.
· Select key offers or market areas for cybersecurity differentiation and ensure offers provide unique value above the competition.
· Monitor and influence cybersecurity standards and regulations worldwide, influence to align with Schneider direction, prepare the offer businesses for compliance in adequate time and ensure documented compliance of offers.
· European complex IoT device security regulations.
· Country forced localization (China, Russia).
· US IoT device laws.
· Manage the competency pool for EMBU on cybersecurity, central expertise (15-20 people), security advisors (20+ people), security experts in architecture/test (20+ people) and general CS education across several thousand developers.
· EMBU vote and representation on the Edison Expert committee to guide level 1 experts, adjudicate level 2 and 3 experts across the company.
· Ensure the technical and architecture components are ready for efficient and secure product development.
· EMBU vote and representation of the Corporate product security architecture committee – roadmap and applicability vote for 10 technical invariants per year.
· Staff and guide the development of technical invariants for use in products.
· Define the system security architecture for large scale systems (Ecostruxure Power for Large and Critical end users, Utility segments, residential segments etc).
· Develop and drive a set of CS components to assist the development of products from small sensor devices to cloud applications
· Conduct external partnerships for cybersecurity acceleration.
· Identify external partners to accelerate cybersecurity implementation or bring unique differentiation.
· Conduct evaluation and M&A actives on 10-20 cybersecurity companies/partner per year.
· Lead the operations board for partnership with Center Energy Atomic in France for a 3M/year joint program.
· Lead multiple (~5) partnerships with external companies or government agencies for acceleration of CS.
· Deployment and enforcement of a Secure Development Lifecyle program across the business.
· Scale the existing program from 75 to 700 concurrently active projects by building competency within the product groups.
· Conduct or delegate a final cybersecurity review on each product release with authority to hold release if security targets are not meet.
· Develop, authorize and deploy internal regulations and practices for cybersecurity.
· Drive cybersecurity certification of system offers, product and development groups.
· Decide on the relevant certifications for different markets and offers as well as certification agencies.
· Prioritize and assist in the certifications especially, IEC62443-4-1, -4-2, -3-3, -2-4.
· Prepare offers across the EMBU for Data Privacy compliance by the Schneider data Privacy officer.
· Collaborate with Schneider Digital on the implementation of Digital offers, protection of development sites and source code.
· Manage vulnerabilities and incidents for released products to ensure swift resolution of issues.
· Concurrently handle in the range of 50-100 vulnerabilities of offers
· Drive implementation of security vulnerabilities of products in the field including issues that cover from 100-100K devices.
· Lead the EMBU response to cybersecurity incidents at customers sites, ensuring the correct product information and analysis are available to the customer and incident response teams.
· Improve the cybersecurity reputation of Schneider Electric and ability to interact with customers on cybersecurity issues.
· Lead the response to customer audits and questionnaires on the offer scope (~25 per year)
· Direct customer workshops for key customers (~10 per year).
· Educate the sales force and provide supporting material for cybersecurity interactions.
Ideal candidate profile
We know skills and competencies show up in many different ways and can be based on your life experience. If you do not necessarily meet all the requirements that are listed, we still encourage you to apply for the position.
This job might be for you if you meet these qualifications:
· CSSLP – Secure Development process certification.
· IEC62443 certified expert.
· CEH, CISSP, CCSP – technical certifications.
· ISO/IEC27001 lead auditor.
Bachelor/Masters in Engineering, Cybersecurity or Computer Science.
10+ years in cybersecurity work, essential that 5 years have been with an organization developing and selling HW + SW offers.
Experience in international organization, leading international teams and leadership by influence.
Schneider Electric offers a robust benefits package to support our employees such as flexible work arrangements, paid family leave, 401(k) + match, and more. Click here to find out more about working with us: http://se.com/us/careers
We seek out and reward people for putting the customer first, being disruptive to the status quo, embracing different perspectives, continuously learning, and acting like owners. We're recognized around the world for welcoming people as they are. We create an inclusive culture where all forms of diversity are seen as a real value for the company. See what our people have to say about working for Schneider Electric.
Let us learn about you! Apply today.
You must submit an online application to be considered for any position with us. This position will be posted until filled.
It is the policy of Schneider Electric to provide equal employment and advancement opportunities in the areas of recruiting, hiring, training, transferring, and promoting all qualified individuals regardless of race, religion, color, gender, disability, national origin, ancestry, age, military status, sexual orientation, marital status, or any other legally protected characteristic or conduct.
Concerning agencies: Schneider Electric does not accept unsolicited resumes and will not be responsible for fees related to such.
Schneider Electric is an Affirmative Action and Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability.