PSO Product Security Architect
The Product & Systems Security Office (PSO) is the central global organization responsible for defining the product & systems security posture for Schneider Electric. The PSO is looking for an experienced Product/Application Cybersecurity Architect who can work with our software/firmware security office, business teams, customers, certification bodies, and world-wide governments to create, lead, and represent our cybersecurity objectives.
The PSO Product Security Architect is a global role reporting to the PSO Head of Business Engagement (Director) and will be responsible to provide product security expertise and guidance to product development teams throughout all phases of the SDLC. The Product Security Architect will be working in collaboration with the other PSO teams, business security officers, business security advisors, product and system development engineering teams, certification groups/bodies, legal teams, customers, and governments.
The location for this position is open for consideration. All qualified candidates are encouraged to apply. No relocation or visa sponsorship is available.
The Cybersecurity Architect will:
- Engage with the organization on continuous improvement of our Secure Development Lifecycle (SDL) process and certifications.
- Provide deep expertise to engineering teams on SDL including threat modeling, secure design, secure development, secure testing, vulnerability assessments, and secure management for software and firmware development.
- Drive efforts with the engineering teams to quantify residual product risk and identification of appropriate security architecture.
- Audit key process deliverables related to security for correctness and completeness.
- Guide product managers and offer managers through security requirements and certifications.
- Represent, lead, and influence standards in global certification bodies/groups.
- Improve the cybersecurity reputation of Schneider Electric and ability to interact with customers on cybersecurity topics.
- Lead cybersecurity assessments of partners and technology providers.
Requirements and Qualifications
- Bachelor’s degree in a technical discipline required. Masters preferred.
- 7+ years of software development and engineering experience
- 5+ years of product/application cybersecurity including embedded systems (IT/OT)
- CSSLP – Secure Development process certification preferred
- CEH, CISSP, CCSP, ISO/IEC27001 certifications preferred
- IEC62443 certified expert preferred
- Common Criteria expert preferred
- Cross-group collaboration skills, with experience working directly with engineering teams
- Experience in international organization, leading international teams and leadership by influence
- Ability to work virtually across global time zones
- Ability to travel up to 15%, including internationally
- English fluent
Locations: United States; Europe