Vulnerability & Incident Handler

Job Description:

In today's rapidly evolving digital landscape, the ability to effectively manage cybersecurity vulnerabilities and incidents is critical to maintaining organizational trust and operational integrity. We are seeking a highly skilled Vulnerability & Incident Handler to serve as the coordinator for all cybersecurity incident and vulnerability management efforts within Digital Energy Division. This individual will ensure swift, coordinated, and efficient responses to threats, minimizing potential damage and safeguarding sensitive data.

Key Responsibilities:

• Organize our response to vulnerabilities reported against our products and systems:- This involves promptly acknowledging receipt of vulnerability reports, systematically assessing the potential impact on our products and services, prioritizing remediation efforts based on risk, and coordinating with development and operations teams to ensure timely resolution. All findings and actions are carefully documented for transparency and future reference.
• Coordinate our actions in response to cybersecurity incidents at customer sites, or on internal exposures involving our offers:- Establish clear communication channels with affected customers, assemble cross-functional incident response teams, and conduct thorough investigations to understand the origin, scope, and impact of incidents. Our actions include containment, mitigation, and recovery steps, as well as ongoing updates to stakeholders throughout the incident lifecycle.
• Support security advisors and teams to prepare public disclosures :- drafting clear, accurate, and timely security advisories, reviewing technical content for correctness, and ensuring all necessary regulatory and compliance requirements are met. Work collaboratively to anticipate potential questions and provide extensive documentation and FAQs to assist customers in understanding and addressing disclosed vulnerabilities.
• On a regular basis inform stakeholders on pending public disclosures and vulnerability action plans:- maintain regular briefings and status updates for internal and external stakeholders, sharing timelines for public disclosure, remediation strategies, and required customer actions. Regular communication ensures all parties are prepared for upcoming announcements and can take necessary steps to protect their systems.
• Maintain a view on cybersecurity risk across the line of business product portfolio and organize mitigations, including on 3rd party components & suppliers :- continuously monitor our entire product suite, including dependencies on third-party components, for emerging threats and vulnerabilities. This includes performing risk assessments, tracking supplier security postures, and implementing mitigation strategies such as patches, configuration updates, or supplier engagement to reduce overall cybersecurity risk.
• Identify opportunities for efficiency improvement and lead improvement actions:- analyze ongoing processes to find areas where automation, streamlined workflows, or better resource allocation can improve our response to security issues. By leading targeted improvement initiatives, aim to enhance our overall security posture while optimizing productivity and reducing response times.
• Cross-Functional Coordination: Collaborate closely with IT, compliance, legal, and other business units to promote a unified and effective approach to vulnerability and incident management, fostering ongoing communication and teamwork.
• Lead employee training and awareness programs, fostering a strong security culture and ensuring policy and regulatory compliance across the organization.

Opportunities:

• Innovate: vulnerability and incident management are rapidly evolving topics; you will define our approach and create a legacy within a global line of business
• Make new connections across Schneider Electric, internally and externally in the cybersecurity community and with customers and partners
• Become knowledgeable on all line of business products and systems
• Exposure to all cybersecurity roles
• Positively influence our customer story on cybersecurity

Qualifications:

• Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field (or equivalent work experience).
• 8+ years of experience in cybersecurity incident response, vulnerability management, or a similar role.
• Strong understanding of security frameworks (e.g., NIST, ISO 27001), risk assessment methodologies, and regulatory compliance requirements.
• Demonstrated experience with security monitoring and incident management tools
• Excellent analytical, problem-solving, and communication skills.
• Relevant certifications (e.g., CISSP, CISM, CEH, GCIH) are highly desirable.
• Ability to work well under pressure and manage multiple incidents simultaneously.
• Strong organizational skills and attention to detail.
• Commitment to continuous learning and staying current with evolving cyber threats and technologies.

Desired Competencies:

• Expert level understanding of standard risk classification schemes including CVSS
• Strong organization skills and effective communication on risk with experience presenting to an executive audience
• Mastery of cybersecurity core concepts & terminology, including the vulnerability management lifecycle, typical risks and risk management approaches, customer expectations and behavior
• Comprehensive understanding of and technical architectures including networking, application and system architecture, web technology, and common internet and ICS protocols
• Experience working with teams around the world
• Composure and clear thinking during high pressure situations
• Capable of performing technical and business-risk analysis on cybersecurity issues

About Our Company:

Looking to make an IMPACT with your career?

When you are thinking about joining a new team, culture matters. At Schneider Electric, our values and behaviors are the foundation for creating a great culture to support business success. We believe that our IMPACT values – Inclusion, Mastery, Purpose, Action, Curiosity, Teamwork – starts with us.

IMPACT is also your invitation to join Schneider Electric where you can contribute to turning sustainability ambition into actions, no matter what role you play. It is a call to connect your career with the ambition of achieving a more resilient, efficient, and sustainable world.

We are looking for IMPACT Makers; exceptional people who turn sustainability ambitions into actions at the intersection of automation, electrification, and digitization. We celebrate IMPACT Makers and believe everyone has the potential to be one.

Become an IMPACT Maker with Schneider Electric – apply today

€36 billion global revenue

+13% organic growth

employees in 100+ countries

You must submit an online application to be considered for any position with us. This position will be posted until filled.

Schneider Electric aspires to be the most inclusive and caring company in the world, by providing equitable opportunities to everyone, everywhere, and ensuring all employees feel uniquely valued and safe to contribute their best. We mirror the diversity of the communities in which we operate, and 'inclusion' is one of our core values. We believe our differences make us stronger as a company and as individuals and we are committed to championing inclusivity in everything we do.

At Schneider Electric, we uphold the highest standards of ethics and compliance, and we believe that trust is a foundational value. Our Trust Charter is our Code of Conduct and demonstrates our commitment to ethics, safety, sustainability, quality and cybersecurity, underpinning every aspect of our business and our willingness to behave and respond respectfully and in good faith to all our stakeholders. You can find out more about our Trust Charter here

Schneider Electric is an Equal Opportunity Employer. It is our policy to provide equal employment and advancement opportunities in the areas of recruiting, hiring, training, transferring, and promoting all qualified individuals regardless of race, religion, color, gender, disability, national origin, ancestry, age, military status, sexual orientation, marital status, or any other legally protected characteristic or conduct.