Purpose of the job:
The Product Cybersecurity architect shall ensure that PP products are compliant with IEC 62443 family of security standards, with the right cybersecurity level (SL). The individual is in charge to ensure that cybersecurity guidelines and processes are executed in an effective manner.
The Cybersecurity Architect shall regularly interact with stakeholders from each line of business (League Leader, PO, Marketing, OTL), FW and HW Chapters Leaders, as well as stakeholders from the corporate Product Security Office (PSO) to streamline and simplify the unified Security architecture approach.
On top of the job, the PP Cybersecurity Architect shall also actively participate in organization wide security initiatives and processes.
Key responsibilities:
o Ensure that all PP projects have the right level of cybersecurity and succeed in 100% FCSR.
o Interface functionally with Hub level Cybersecurity Leaders, other Cybersecurity Architects and Cybersecurity Advisors to share and collaborate on the projects.
o Define Security Level in close relation with Marketing and Security Architects, considering product and system views. Define certification cybersecurity strategy for PP (62443 ready or certified).
o Master cybersecurity standards and policies to ensure offers are compliant. Participate to or closely follow Cybersecurity standardization with specific security profiles.
o Optimize cybersecurity requirements versus project's constraints (performance, TTM, cost). Simplify cybersecurity process to insure project's efficiency.
o Standardize and re-use cybersecurity generic bricks (requirements, threat models).
o Define PP Cybersecurity Architecture to simplify and align cybersecurity implementation in PP, support and train marketing and projects' teams.
o Maintain knowledge on operational security topics and their applicability to Schneider Electric.
o Treat all vulnerabilities impacting PP (impact analysis, action plan if needed).
o Build & deploy, as enablers, secure reference architectures by segment/domains, aligned with IEC62443 security levels and Essential •Regulatory• and •Future ready• Requirements.
o Drive compatibility & interoperability through secure reference architecture design support to offer teams.
o Drive and promote adoption of security platforming strategies, such as secure reusable bricks and libraries.
o Provide support to technical invariants and guidance on their usage by offer management.
o Productization, commercialization and marketing assistance from a cybersecurity standpoint.
Professional Experience
o Have a strong background in cybersecurity and experience implementing security solutions. 5 to 8 years of relevant Product cybersecurity experience.
o Have experience and interest in securing critical products and solutions and in development projects.
o Experience using soft skills to influence and convene as required along with Good social skills and empathy with a passion and drive for innovation.
o Experience in coaching and mentoring, and successfully building and leading teams in a matrix environment.
o Experience with complex technical projects in an Agile environment. International exposure / experience - proven ability to lead in a matrix environment.
o Build & deploy, as enablers, secure reference architecture by segment/domains, aligned with IEC62443 security levels, Essential (baseline) requirements.
o Implement Product Security architecture, secure design assistance for products and systems for critical infrastructure domains.
o Experience in driving compatibility & interoperability through reference architecture. Productization, Commercialization, marketing assistance from a cyber standpoint
o Exposure and experience in ensuring that offers follow SDL process, including pen testing, threat modeling, secure design reviews and implementations.
Soft Skills
o Proven experience in product security, in an energy management or related industry.
o In-depth knowledge of security standards (IEC 62443, ISO27001, GDPR etc.) and their
application to product, offer and wider digital security.
o Strong understanding of security principles, protocols, and technologies.
o Relevant certifications such as Certified Information Systems Security Professional (CISSP)
or Certified Information Security Manager (CISM) would be a plus.
Qualifications
Purpose of the job:
The Product Cybersecurity architect shall ensure that PP products are compliant with IEC 62443 family of security standards, with the right cybersecurity level (SL). The individual is in charge to ensure that cybersecurity guidelines and processes are executed in an effective manner.
The Cybersecurity Architect shall regularly interact with stakeholders from each line of business (League Leader, PO, Marketing, OTL), FW and HW Chapters Leaders, as well as stakeholders from the corporate Product Security Office (PSO) to streamline and simplify the unified Security architecture approach.
On top of the job, the PP Cybersecurity Architect shall also actively participate in organization wide security initiatives and processes.
Key responsibilities:
o Ensure that all PP projects have the right level of cybersecurity and succeed in 100% FCSR.
o Interface functionally with Hub level Cybersecurity Leaders, other Cybersecurity Architects and Cybersecurity Advisors to share and collaborate on the projects.
o Define Security Level in close relation with Marketing and Security Architects, considering product and system views. Define certification cybersecurity strategy for PP (62443 ready or certified).
o Master cybersecurity standards and policies to ensure offers are compliant. Participate to or closely follow Cybersecurity standardization with specific security profiles.
o Optimize cybersecurity requirements versus project's constraints (performance, TTM, cost). Simplify cybersecurity process to insure project's efficiency.
o Standardize and re-use cybersecurity generic bricks (requirements, threat models).
o Define PP Cybersecurity Architecture to simplify and align cybersecurity implementation in PP, support and train marketing and projects' teams.
o Maintain knowledge on operational security topics and their applicability to Schneider Electric.
o Treat all vulnerabilities impacting PP (impact analysis, action plan if needed).
o Build & deploy, as enablers, secure reference architectures by segment/domains, aligned with IEC62443 security levels and Essential •Regulatory• and •Future ready• Requirements.
o Drive compatibility & interoperability through secure reference architecture design support to offer teams.
o Drive and promote adoption of security platforming strategies, such as secure reusable bricks and libraries.
o Provide support to technical invariants and guidance on their usage by offer management.
o Productization, commercialization and marketing assistance from a cybersecurity standpoint.
Professional Experience
o Have a strong background in cybersecurity and experience implementing security solutions. 5 to 8 years of relevant Product cybersecurity experience.
o Have experience and interest in securing critical products and solutions and in development projects.
o Experience using soft skills to influence and convene as required along with Good social skills and empathy with a passion and drive for innovation.
o Experience in coaching and mentoring, and successfully building and leading teams in a matrix environment.
o Experience with complex technical projects in an Agile environment. International exposure / experience - proven ability to lead in a matrix environment.
o Build & deploy, as enablers, secure reference architecture by segment/domains, aligned with IEC62443 security levels, Essential (baseline) requirements.
o Implement Product Security architecture, secure design assistance for products and systems for critical infrastructure domains.
o Experience in driving compatibility & interoperability through reference architecture. Productization, Commercialization, marketing assistance from a cyber standpoint
o Exposure and experience in ensuring that offers follow SDL process, including pen testing, threat modeling, secure design reviews and implementations.
Soft Skills
o Proven experience in product security, in an energy management or related industry.
o In-depth knowledge of security standards (IEC 62443, ISO27001, GDPR etc.) and their
application to product, offer and wider digital security.
o Strong understanding of security principles, protocols, and technologies.
o Relevant certifications such as Certified Information Systems Security Professional (CISSP)
or Certified Information Security Manager (CISM) would be a plus.
Primary Location : IN-Karnataka-Bangalore
Schedule : Full-time Unposting Date : Ongoing
MNCJobsIndia.com will not be responsible for any payment made to a third-party. All Terms of Use are applicable.