Cybersecurity Officer for Sustainability Business
Company: Schneider Electric
Location: Boston
Posted on: November 14, 2024
Job Description:
Schneider Electric is searching for a Cybersecurity Officer for
Sustainability Business within its Energy Management Business
reporting to the Senior Vice President of the Sustainability
Business Division and dotted line to the Group CISO. -The
Cybersecurity Officer for Sustainability Business mandate is a
focus on cyber, data, and product security risk management while
building trust with customers, the ecosystem, and authorities. The
CSO will set the vision and strategy that addresses the risks and
simultaneously enables the Energy Management business objectives.
This role is the liaison between the cybersecurity and business
organizations, making cybersecurity a known element foundational to
the success of digital and sustainability initiatives. -This leader
will support both external and internal stakeholders. From an
external standpoint, the goal is to mitigate risks that may hinder
the Division's digital and offer ambitions used to drive and grow
the business. To be successful, this leader must build trust with
internal segment stakeholders, -that will ultimately translate to
strong relationships and trust with customers the broader
ecosystem. -The role will both join the Sustainability Business
Division's leadership and Cybersecurity group -leadership.
-Division Specific Cyber Objectives
Lessons learned and multi-year
improvement plan after Ransomware IncidentRestore Trust with
Customers and AuthoritiesCRA and regulations compliance for SaaS
offersAlignment / integration of cybersecurity Processes & Tools
with the rest of SEResource Advisor - cyber strategy - frame
agreement & trusted architectureSecure Data - customer / employee -
architecture and regional operationsSOC2 / Type2 + Certifications
for MSSPCybersecurity posture for integrated entities - Eco Act,
---ESG and Strat Accounts Cyber Awareness + agenda
-Responsibilities:
Define and execute on cyber, data and
product security strategy and vision for theDivision by keeping
alignment on group cyber ambitions and priorities.Drive discussions
with key strategic accounts on cyber, data and product security
topics for the Division, addressing customer
expectations/requirements.Raise situational awareness in the
Division and its segments on various cyber trends, controversies,
regulatory and authorities' requirements and competition
moves.Identify critical partner and supplier dependencies and their
impact for the Division.Conduct risk management activities in
cyber, data, products, and systems from identification, assessment
to mitigation of those risks (centered on group cyber risk
register)Deploy product security essentials (baseline requirements)
in the Division's R&D activities, deploy technical invariants
for products, enforce independent pen-testingDrive regulatory
compliance (e.g., CRA) by raising awareness at the leadership level
toinfluence product (R&D) investment plans.Implement a robust
control environment in the Division through Enterprise
RiskManagement and Key Internal Controls for Product development
and R&D representing the Division as first line of
defense.Articulate and deploy data protection requirements for
offers within the division and address data privacy,
residency/localization expectations from customers and
authorities.Elevate the bar for Secure Development Lifecycle
program and systematically conductFormal Cybersecurity Reviews,
manage the exception/waiver process before Go-to-Market.Lead
product/offer Vulnerability & Controversies Management for the
division and articulate the risk profile for vulnerabilities,
articulating the business impact for the Division.Lead Digital
Offer and Digital Footprint security management for the division
including mobile apps governance (when relevant) including flags,
and the migration to Azure Landing zoneSpearhead Product Security
Maturity Model Implementation for the division and conduct
associated actions plans.Support to group strategic initiative like
"Sensitive offers Source Code", Divisions "R&D site
protection", "Platinum" sites protection programs.Drive Ecosystem
security and Trust Standards in Energy Management scope entities of
non- integrated companies, ramping up their security postureEngage
in cyber incident management related to the Division from
detection, thru containment up to root cause analysis and lessons
learnt.Industry involvement and influencing, external engagements,
make Division cyber known internally and externally. Leadership
skills
Superior organizational intelligence
within the company and its ecosystemEffective communication skills,
multi-tasking and problem-solvingAbility to influence and engage
successfully with senior business & cyber leaders.Ability to work
in a matrix organization with collaboration and conflict management
skills.Experienced in large business transformation programs.Tight
deadlines, ability to prioritize, to manage and to maintain
confidential information. -Technical & Soft skills
Strong business acumen, experience in
product security, in an energy management or related
industryExperience with risk assessment, threat modeling, and
security requirements definitionKnowledge of security standards
(IEC 62443, ISO27001, GDPR etc.) and their application to product,
offer and wider digital securityStrong understanding of security
principles, protocols, and technologies.Relevant certifications
such as Certified Information Systems Security Professional (CISSP)
or Certified Information Security Manager (CISM) would be a
plus.Academic degree in Business and/or Engineering: domain level
expertise could be a strong plus: Product, Software development,
Marketing, Tendering, Sales--- -Looking to make an IMPACT with your
career?When you are thinking about joining a new team, culture
matters. At Schneider Electric, our values and behaviors are the
foundation for creating a great culture to support business
success. We believe that our - IMPACT values - Inclusion, Mastery,
Purpose, Action, Curiosity, Teamwork - starts with us.IMPACT is
also your invitation to join Schneider Electric where you can
contribute to turning sustainability ambition into actions, no
matter what role you play. It is a call to connect your career with
the ambition of achieving a more resilient, efficient, and
sustainable world.We are looking for IMPACT Makers; exceptional
people who turn sustainability ambitions into actions at the
intersection of automation, electrification, and digitization. We
celebrate IMPACT Makers and believe everyone has the potential to
be one.Become an IMPACT Maker with Schneider Electric - apply
today!---36 billion global revenue+13% organic growth150 000+
employees in 100+ countries#1 on the Global 100 World's most
sustainable corporations - -You must submit an online application
to be considered for any position with us. This position will be
posted until filled. -Schneider Electric aspires to be the most
inclusive and caring company in the world, by providing equitable
opportunities to everyone, everywhere, and ensuring all employees
feel uniquely valued and safe to contribute their best. We mirror
the diversity of the communities in which we operate, and
'inclusion' is one of our core values. We believe our differences
make us stronger as a company and as individuals and we are
committed to championing inclusivity in everything we do. This
extends to our Candidates and is embedded in our Hiring Practices.
- -You can find out more about our commitment to Diversity, Equity
and Inclusion and our DEI Policy -At Schneider Electric, we uphold
the highest standards of ethics and compliance, and we believe that
trust is a foundational value. Our Trust Charter is our Code of
Conduct and demonstrates our commitment to ethics, safety,
sustainability, quality and cybersecurity, underpinning every
aspect of our business and our willingness to behave and respond
respectfully and in good faith to all our stakeholders. You can
find out more about our Trust Charter -Schneider Electric is an
Equal Opportunity Employer. It is our policy to provide equal
employment and advancement opportunities in the areas of
recruiting, hiring, training, transferring, and promoting all
qualified individuals regardless of race, religion, color, gender,
disability, national origin, ancestry, age, military status, sexual
orientation, marital status, or any other legally protected
characteristic or conduct. - - -
Keywords: Schneider Electric, Plymouth , Cybersecurity Officer for Sustainability Business, Other , Boston, Massachusetts
Didn't find what you're looking for? Search again!
Loading more jobs...