The Principal Product Cybersecurity Architect role will be hosted within the CTO office of the Energy Management Business Unit (EMBU), dedicated to driving innovation and growth across our various Lines of Business (LoBs) in the areas of energy efficiency and sustainability.The CTO office spearheads strategic technology disruption programs, including one focused on platforming the firmware and software of our devices, our Edge architecture, and its integration with a wide range of IoT platforms and cloud applications.As part of this platforming initiative, the Electronics Center of Excellence (Electronics CoE) is responsible for exploring, assessing, prototyping, and standardizing electronic technology into hardware designs. Subsequently, the CoE drives the adoption of these designs across our different Lines of Business (LoB) to underpin their solutions.The Principal Product Cybersecurity Architect serves as the trusted advisor of the Electronics Center of Excellence, charting the optimal path for the CoE and the LoBs to enhance customer trust in our EcoStruxure ecosystem of devices and services. This involves ensuring consistent behavior and end-to-end integrity from the chip to the cloud and application layers (for devices), as well as from the devices to the cloud (for services).This is a pivotal role that demands a blend of advanced expertise in embedded/hardware cybersecurity; and robust influencing and communication skills to bring next-generation architectures to fruition within a complex international organization.The Principal Product Cybersecurity Architect will join the team structure of both CTO Cybersecurity and Electronics Center of Excellence (Electronics CoE) for continuous alignment in terms of ambitions and delivery. Duties and responsibilitiesThe Principal Product Cybersecurity Architect supports product, offer, and solution teams to bring cybersecurity features and functions into the offers; and drives the right cybersecurity development processes to ensure proper development practices have been implemented.They investigate, evaluate and propose technologies, tools, and processes to improve cybersecurity practices within the company; and define the fundamental concept or properties of our offers in Cybersecurity.The ideal candidate will come with a strong expertise on product security especially on hardware, firmware, embedded software security, including in the areas of establishing Root-of-Trust (RoTs) & Chain-of-Trust (CoT).Specifically in relation to their duties within the hardware/embedded domain, the Principal Product Cybersecurity Architect will carry out the following tasks:
- Define and drive the security agenda for Electronics Center of Excellence (Electronics CoE) in alignment with EM Cybersecurity teams. Represent CoE in various cyber engagements within the BU and beyond.
- Work with teams from Procurement, Legal & our Electronics Center of Excellence (Electronics CoE) to engage with semiconductors providers, assess their chips & security chips, and approve some of them for use in the lines of business, based on their features & performance.
- Work with cybersecurity leaders from manufacturing, supply chain, divisions engineers and cyber leaders & Infrastructure technical teams (e.g. Firmware PKI) to securely integrate the approved silicon technology to our existing systems.
- Design secure standard hardware architectures to implement this technology; and securely propagate trust from devices to cloud services through IoT platforms, and between IoT platforms.
- Collaborate with teams from the Electronics CoE & engineering groups within Divisions to platform standard architectures and ease implementation with blueprints & bricks.
- Enable devices/services engineering groups from lines of business with the adoption of the blueprints & bricks from the CoE by providing training, guidance & support.
- Monitor the approved technology for threats, vulnerabilities & updates; and oversee the mitigation of these at scale with the lines of business and with the support of PMOs and product owners.
- Work with Global Cybersecurity Risk management teams as a subject matter expert on Firmware and Software compromission risks.
- Work with internal and external penetration testing & ethical hacking teams (e.g. Global Security Labs) to challenge the integrity & robustness of the blueprints, the bricks, and their implementation in our offers.
Qualifications- Graduate or Post-graduate degree in computer science, information systems, or mechanical engineer or any other related or comparable field
- Education or certification specialization on cryptography is a plus
Professional Experience and Competences- Embedded product security architecture and/or operations,
- Hardware security: implementing hardware RoT on constrained devices, and implementing from there secure boot, secure storage, firmware update, software signature, …
- Knowledge of the IEC62443 standard is a plus to support Trusted Computing on the "device" side - several of our devices are expected to reach SL3
- Knowledge of the ISO27001/SOC2 standard & Azure cloud experience/certifications are a plus
- Hands-on experience with implementing TPM, TEE, Secure Element, Secure Enclave, …
- Silicon architecture, secure boot, cryptography, and/or supply chain security
- Strong knowledge of cryptography standards & PKI design/operation
- Experience with creating security reference architectures
- Knowledge of threat modelling & risk management
- Experience on Embedded Software (RT OSRTXC, VxWorks, Mbed, Linux, …)
- Experience in Industrial Control application incl. implementation (Industrial protocols, …)
- Ability to demonstrate feasibility of proposed architecture through mock-up / prototyping
Soft Skills- Excellent interpersonal and communication skills
- Capacity to learn quickly and share across various teams for adoption
- Detail-oriented with a demonstrated ability to self-motivate and follow through on projects
- Strong problem-solving skills with an ability to analyze problems and develop actionable plans
- Ability to build consensus and followership with key stakeholders, and drive change
- Excellent writing and speaking skills in English
Our offer includes attractive remuneration and goes well beyond. If you join Schneider Electric here is an idea of what we can offer you to have the best possible experience :
- A competitive salary, an individual bonus as well as profit-sharing and participation bonuses rewarding everyone's efforts
- A range of social benefits that make life easier : a work council with a large range of offers, healthcare insurance that meets all needs, generous savings and retirement plans, an advantageous shareholding program.
- Career development through training, internal mobility (local and international), skills sharing, etc.
- An integration path from your first day to give you the keys to success at Schneider Electric within a culture promoting diversity, professional development and inclusion
- A good work-life balance thanks to our teleworking policy (up to 48% of teleworking time, equipment included), parenting support and inter-company creche.
Life is on. Join us and grow your impact! Why us?Schneider Electric is leading the digital transformation of energy management and automation. Our technologies enable the world to use energy in a safe, efficient and sustainable manner. We strive to promote a global economy that is both ecologically viable and highly productive.₠34bn global revenue128 000+ employees in 100+ countries45% of revenue from IoT5% of revenue devoted for R&DYou must submit an online application to be considered for any position with us. This position will be posted until filledIt is the policy of Schneider Electric to provide equal employment and advancement opportunities in the areas of recruiting, hiring, training, transferring, and promoting all qualified individuals regardless of race, religion, color, gender, disability, national origin, ancestry, age, military status, sexual orientation, marital status, or any other legally protected characteristic or conduct. Concerning agencies: Schneider Electric does not accept unsolicited resumes and will not be responsible for fees related to such.