The Enterprise IT Risk & Certification organization is seeking for a Cybersecurity Certification Engineer to lead the execution of digital certification of SE applications. In this role, you will engage with different stakeholders and support SE in improving the security and privacy posture of the technology landscape, whether it is internally built or externally purchased. You will provide operational support, contribute to documenting the controls & processes, provide leadership and transparency throughout the Certification lifecycle, and ensure information and evidence provided meet our internal security and privacy policies.The key to your success lies working in a proactive manner together with all stakeholders. This role offers the opportunity to work in fast-paced, international environment where both individual drive and team collaboration are key. If you are passionate about developing clear, quality solutions for complex problems, we hope you will consider joining our The Enterprise IT Risk & Certification organization.The Cybersecurity Certification Engineer will work with the Global Cyber Certification Leader to embed cybersecurity and privacy controls into all the digital assets assigned.Your main responsibilities :

• Handle cybersecurity and privacy (certification) engagements end to end for SE's digital assets (Software Applications, Technology Platforms, Schneider Electric Digital Offers, APIs) in the relevant region or assigned business domain.
• Cybersecurity and privacy engagements involve assisting project and product delivery teams in identifying IT security and data protection requirements and embedding the required controls into the digital asset.
• This involves proactively communicating and working with all different stakeholders.
• Prior to release or deployment of the product confirm if it is compliant with security requirements, or that sufficient compensating controls have been put in place to mitigate identified risks and thus achieve compliance.
• The engagements involve application security and privacy advisory services to products and software which are either developed in house or procured through third party vendors.
• Perform cloud security assessments for Third Party SaaS vendors through the CSA framework
• Conduct risk assessments and communicate the outcomes to IT and Business application owners.
• Understanding the general IT security policies of the company.
• Conduct awareness sessions and webinars for stakeholders in the respective geographies on cybersecurity and privacy requirements.
• Work closely with project delivery teams, perform everyday communications with project managers and technical specialists, introduce the certification engagements and ensure that the compliance is achieved before applications are put into production.

Your profile :Experience And Professional Certifications

• Master's Degree or higher in IT Management, Computer Science, Cybersecurity or another relevant field
• 5+ years' experience in general IT management, security, and data protection.
• Some of the desired certifications (if not achieved, the role holder could aspire to achieve these as part of their development plans in this role):
  • CISSP (Certified Information Systems Security Professional)
  • CIPP (Certified Information Privacy Professional) (good to have)
  • CISM (Certified Information Security Manager)
  • CCSP (Certified Cloud Security Professional)
  • OSCP, CEH (Desirable)
  • Any other product specific security certification (e.g. Microsoft or AWS)

Skills / Behaviors

• Project Management
• Advance Knowledge of Cybersecurity and Privacy Principles
• Leadership / Act like owners
• Collaboration/Teamwork
• Communications (Written and Oral)
• Requirements Gathering and Analysis
• Interpersonal Skills, proactiveness
• Willing to learn new skills / Learn Everyday

Qualifications / KnowledgeThe candidate should have in-depth knowledge and experience of the following:

• Expertise in applying Information Security Management principles and standards in areas such as threats and vulnerabilities, risk assessment and mitigation, security policy and security management process
• Expertise in ensuring compliance with personal data protection legislation in EU and relevant regions.
• Understanding or experience on any of the following is an advantage:
  • Cloud Security Assessment and Security Audits of Cloud Environment
  • Vulnerability Management (Process, Tools and Metrics)
  • NIST Cybersecurity Framework
  • Critical Security Controls (CSC)
  • Expertise in DevSecOps, OWASP and threat modeling methodologies is also an advantage.
• Fluent English MANDATORY (working language)

We know skills and competencies show up in many ways and can be based on your life experience. If you do not necessarily meet all the requirements that are listed, we still encourage you to apply.Our offer includes attractive remuneration and goes far beyond that. We offer competitive benefits, a work environment that encourages professional development, a qualitative onboarding and accompaniment throughout the different stages of your life (training, career opportunities, parenting, flexibility …), in a great workplace.#LI-SM1 Looking to make an IMPACT with your career?When you are thinking about joining a new team, culture matters. At Schneider Electric, our values and behaviors are the foundation for creating a great culture to support business success. We believe that our IMPACT values - Inclusion, Mastery, Purpose, Action, Curiosity, Teamwork - starts with us.IMPACT is also your invitation to join Schneider Electric where you can contribute to turning sustainability ambition into actions, no matter what role you play. It is a call to connect your career with the ambition of achieving a more resilient, efficient, and sustainable world.We are looking for IMPACT Makers; exceptional people who turn sustainability ambitions into actions at the intersection of automation, electrification, and digitization. We celebrate IMPACT Makers and believe everyone has the potential to be one.Become an IMPACT Maker with Schneider Electric - apply today!€36 billion global revenue+13% organic growth150 000+ employees in 100+ countries#1 on the Global 100 World's most sustainable corporationsYou must submit an online application to be considered for any position with us. This position will be posted until filled.Schneider Electric aspires to be the most inclusive and caring company in the world, by providing equitable opportunities to everyone, everywhere, and ensuring all employees feel uniquely valued and safe to contribute their best. We mirror the diversity of the communities in which we operate, and 'inclusion' is one of our core values. We believe our differences make us stronger as a company and as individuals and we are committed to championing inclusivity in everything we do. This extends to our Candidates and is embedded in our Hiring Practices. You can find out more about our commitment to Diversity, Equity and Inclusion here and our DEI Policy hereAt Schneider Electric, we uphold the highest standards of ethics and compliance, and we believe that trust is a foundational value. Our Trust Charter is our Code of Conduct and demonstrates our commitment to ethics, safety, sustainability, quality and cybersecurity, underpinning every aspect of our business and our willingness to behave and respond respectfully and in good faith to all our stakeholders. You can find out more about our Trust Charter here Schneider Electric is an Equal Opportunity Employer. It is our policy to provide equal employment and advancement opportunities in the areas of recruiting, hiring, training, transferring, and promoting all qualified individuals regardless of race, religion, color, gender, disability, national origin, ancestry, age, military status, sexual orientation, marital status, or any other legally protected characteristic or conduct.