We are a dynamic subsidiary of Schneider Electric, specializing in the design, engineering, and distribution of e-vehicle charging solutions, including chargers, inverters, batteries, solar panels, and various embedded and cloud solutions. Our mission is to drive sustainable energy management through innovative e-mobility solutions.The System Cybersecurity Leader works closely with the Principal Cybersecurity Architect and is responsible for:
- adapting, leading adoption and controlling implementation of the Schneider Electric Secure Development Lifecycle framework within their subsidiary
- driving the compliance to Secure Lifecycle Management Policy and other cybersecurity policies, procedures, and best practices, both for the subsidiary products & IT systems
- advising product engineering & digital stakeholders on cybersecurity technical requirements for the development of secure products and systems within the subsidiary.
The role regularly interacts with key stakeholders like product cybersecurity advisors, representatives from offer development, architecture, regulations, conformity teams and technical leaders as well as stakeholders from the corporate Product Security Office (PSO) and Information Security Office (CISO) to ensure that cybersecurity guidelines and processes are executed in an efficient, effective, and compliant manner.You will be able to combine a process and technical advisory role with assertive engagement, a risk driven entrepreneurial mindset, and an ability to coordinate organizational escalation when appropriate. You will be acting like an owner for the cybersecurity of their subsidiary, playing an active role in the design and adoption of shift-left strategies to efficiently secure our offers & infrastructure by design.
Your responsibilities :• Serve as the Subject Matter Expert to ensure cybersecurity topics are prioritized and embedded in the Offer development process from the design phase.• Provide guidance, coaching, and expertise to implement Secure Development Lifecycle practices such as threat modeling, secure design, secure coding, implementation, and security testing.• Collect Secure Development Lifecycle and cybersecurity metrics to contribute to data-driven strategies and plans in a protective manner.• Aid in the deployment of Secure Development Lifecycle and cybersecurity functionalities as required by standards such as IEC62443, and local regulations such as CRA, RED and work to improve the effectiveness and efficiency of these processes.• Ensure that assigned development teams adhere to risk-driven cybersecurity processes and controls throughout the development lifecycle.• Support teams in conducting internal Secure Development Lifecycle audits and Formal Cybersecurity Reviews (FCSRs) and ensure compliance with Schneider data security and privacy processes.• Perform foundational data protection and privacy screening of offers to ensure data privacy requirements are integrated from the initial design stages.• Represent offer development teams in Business Unit and PSO security meetings and workshops. • Stay informed about new policies, procedures, cybersecurity standards, regulations, legislation, and technologies, and keep R&D leadership updated on relevant emerging activities.• Monitor organizational maturity using cybersecurity maturity frameworks and track other Secure Development Lifecycle-related goals as directed.• Take an active part in the cybersecurity community in their subsidiary and at corporate level.
Your profile : • +5 years' experience in information security and/or product security• Experience with risk assessment, threat modeling, and security requirements definition/triage/prioritization• Experience working with an Engineering/R&D organization following a Secure Development Lifecycle. Provenability to engage with leadership and development teams• Experience guiding and assisting organizations in implementing security product/system developmentpractices.• Demonstrated ability to develop risk analysis and threat models, analysing threats/risks, and rate theirseverity using established industry practices.• Experience in driving corporate programs using influence, negotiation, and persuasion soft skill set.• Knowledge of standards (IEC 62443, ISO27001, GDPR etc.) and their application to product, offer and widerdigital security.• Relevant certifications such as CSSLP, CISSP, CISM, ISO27001 or IEC 62443 would be a plus.• Significant experience in a start-up company with strong organic growth would be a strong plus.• Languages: good level English is mandatory• Strong entrepreneurial mindset with risk-driven leadership• Effective communication skills, multi-tasking and problem-solving• Superior organizational intelligence within the company and its ecosystem • Ability to influence and engage successfully with senior business & cyber leaders, and customers• Ability to work in a matrix organization with collaboration and conflict management skills.• Ability to align operational/information security policies with business requirements.• Ability to prioritize under tight deadlines• Ability to manage and to maintain confidential information.• Process driven with attention to detail, ability to translate operational/information security requirements into security controls in coordination with architects.• Ability to effectively adapt to and apply rapidly changing technology and security requirements to business needs.• Foundational data protection & privacy knowledge or willingness to acquire it during tenureTravel %• Up to 20% travel, agreed with the leader of the projectWe know skills and competencies show up in many ways and can be based on your life experience. If you do not necessarily meet all the requirements that are listed, we still encourage you to apply.Our offer includes attractive remuneration and goes far beyond that. We offer competitive benefits, a work environment that encourages professional development, a qualitative onboarding and accompaniment throughout the different stages of your life (training, career opportunities, parenting, flexibility …), in a great workplace.#LI-SM1
Looking to make an IMPACT with your career?When you are thinking about joining a new team, culture matters. At Schneider Electric, our values and behaviors are the foundation for creating a great culture to support business success. We believe that our IMPACT values - Inclusion, Mastery, Purpose, Action, Curiosity, Teamwork - starts with us.IMPACT is also your invitation to join Schneider Electric where you can contribute to turning sustainability ambition into actions, no matter what role you play. It is a call to connect your career with the ambition of achieving a more resilient, efficient, and sustainable world.We are looking for IMPACT Makers; exceptional people who turn sustainability ambitions into actions at the intersection of automation, electrification, and digitization. We celebrate IMPACT Makers and believe everyone has the potential to be one.Become an IMPACT Maker with Schneider Electric - apply today!€36 billion global revenue+13% organic growth150 000+ employees in 100+ countries#1 on the Global 100 World's most sustainable corporationsYou must submit an online application to be considered for any position with us. This position will be posted until filled.Schneider Electric aspires to be the most inclusive and caring company in the world, by providing equitable opportunities to everyone, everywhere, and ensuring all employees feel uniquely valued and safe to contribute their best. We mirror the diversity of the communities in which we operate, and 'inclusion' is one of our core values. We believe our differences make us stronger as a company and as individuals and we are committed to championing inclusivity in everything we do. This extends to our Candidates and is embedded in our Hiring Practices. You can find out more about our commitment to Diversity, Equity and Inclusion here and our DEI Policy hereAt Schneider Electric, we uphold the highest standards of ethics and compliance, and we believe that trust is a foundational value. Our Trust Charter is our Code of Conduct and demonstrates our commitment to ethics, safety, sustainability, quality and cybersecurity, underpinning every aspect of our business and our willingness to behave and respond respectfully and in good faith to all our stakeholders. You can find out more about our Trust Charter here Schneider Electric is an Equal Opportunity Employer. It is our policy to provide equal employment and advancement opportunities in the areas of recruiting, hiring, training, transferring, and promoting all qualified individuals regardless of race, religion, color, gender, disability, national origin, ancestry, age, military status, sexual orientation, marital status, or any other legally protected characteristic or conduct.