Cybersecurity Architecture

Job purpose Schneider Electric is searching for a Cyber Security Advisor with a strong foundation in software engineering and developmentfor its Energy Management Business CTO Cybersecurity Centre of Excellence Team This role is ideal for a seasoned developer who understands the software lifecycle is passionate about improving code quality and security and is eager to drive secure development practices across modern and legacy systems The Security Advisor regularly interacts with key stakeholders like representatives from offer development architecture regulations conformity teams and technical leaders as well as stakeholders from the corporate Product Security Office PSO within Governance teams to ensure that cybersecurity guidelines and processes are executed in an efficient effective and compliant manner The ideal candidate will be able to combine process and technical advisory role with assertive engagement and escalation when appropriate The idea is not only to have people only consulting and advising but also acting like owners and having an impact in our shift-left strategy for security by design Responsibilities Cybersecurity Integration in Development Drive initiatives to enhance the overall cyber quality of software products through secure design and coding practices by providing direct support to development teams by assisting then in vulnerabilities triaging Act as the Subject Matter Expert to ensure cybersecurity is embedded from the design phase in the Offer development process supporting both legacy systems and modern cloud-native agile environments Secure Development Lifecycle SDL Enablement Advise on securing both legacy applications and modern cloud-native architectures using agile methodologies and secure coding practices early in the development lifecycle integrating security into CI CD pipelines Guide and coach development teams in implementing Secure Development Lifecycle practices such as threat modelling secure design secure coding and security testing leveraging hands-on engineering and software development expertise Standards Compliance Support deployment of Secure Development Lifecycle and cybersecurity functionalities aligned with standards such as IEC62443 and work to improve the effectiveness and efficiency of these processes Risk-Driven Development Ensure development teams adhere to risk-driven cybersecurity processes and controls throughout the development lifecycle Audit Support Support teams in conducting internal Secure Development Lifecycle audits and Formal Cybersecurity Reviews FCSRs and ensure compliance with Schneider data security and privacy processes Privacy by Design Perform foundational data protection and privacy screening of offers to ensure data privacy requirements are integrated from the initial design stages Cross-Functional Collaboration Work closely with Line of Business LoB developers to understand their needs and tailor security solutions accordingly Represent offer development teams in Business Unit and PSO security meetings and workshops Stay informed about new policies procedures cybersecurity standards regulations legislation and technologies and keep R D leadership updated on relevant emerging activities Training Awareness Conduct training sessions and presentations to enhance cybersecurity competencies across development teams Maturity Monitoring Track organizational maturity using cybersecurity maturity frameworks and track other Secure Development Lifecycle-related goals as directed Community Engagement Take an active part in the cybersecurity community not only in Energy Management but also globally at company level Qualifications Key Skills and Requirements 10 years of experience in software development or engineering roles Strong understanding of software development methodologies Agile DevOps CI CD Experience with modern and legacy software systems Familiarity with security tools e g SAST DAST dependency scanning container security Proven ability to identify and remediate vulnerabilities in code Strong communication skills with the ability to explain technical concepts to non-technical stakeholders Curious mindset with a willingness to continuously learn and adapt Ability to align operational information security policies with business requirements Process driven with attention to detail ability to translate operational information security requirements into security controls in coordination with architects Ability to effectively adapt to and apply rapidly changing technology and security requirements to business needs Foundational data protection privacy knowledge or willingness to acquire it during tenure Looking to make an IMPACT with your career When you are thinking about joining a new team culture matters At Schneider Electric our values and behaviors are the foundation for creating a great culture to support business success We believe that our IMPACT values - Inclusion Mastery Purpose Action Curiosity Teamwork - starts with us IMPACT is also your invitation to join Schneider Electric where you can contribute to turning sustainability ambition into actions no matter what role you play It is a call to connect your career with the ambition of achieving a more resilient efficient and sustainable world We are looking for IMPACT Makers exceptional people who turn sustainability ambitions into actions at the intersection of automation electrification and digitization We celebrate IMPACT Makers and believe everyone has the potential to be one Become an IMPACT Maker with Schneider Electric - apply today EUR36 billion global revenue 13 organic growth 150 000 employees in 100 countries 1 on the Global 100 World s most sustainable corporations You must submit an online application to be considered for any position with us This position will be posted until filled Schneider Electric aspires to be the most inclusive and caring company in the world by providing equitable opportunities to everyone everywhere and ensuring all employees feel uniquely valued and safe to contribute their best We mirror the diversity of the communities in which we operate and inclusion is one of our core values We believe our differences make us stronger as a company and as individuals and we are committed to championing inclusivity in everything we do At Schneider Electric we uphold the highest standards of ethics and compliance and we believe that trust is a foundational value Our Trust Charter is our Code of Conduct and demonstrates our commitment to ethics safety sustainability quality and cybersecurity underpinning every aspect of our business and our willingness to behave and respond respectfully and in good faith to all our stakeholders You can find out more about our Trust Charter here Schneider Electric is an Equal Opportunity Employer It is our policy to provide equal employment and advancement opportunities in the areas of recruiting hiring training transferring and promoting all qualified individuals regardless of race religion color gender disability national origin ancestry age military status sexual orientation marital status or any other legally protected characteristic or conduct