Cyber Security Architect

The Cybersecurity Architect is responsible for following Secure Development Lifecycle v2 defined by Corporate Product Security Office in the projects, by aligning our product and system offers to the IEC 62443 family of security standards. To accomplish this the position leads a community of security professionals within the Industrial Automation business unit, ensuring that cybersecurity guidelines and processes are executed in an efficient and effective manner, and security components and solutions are implemented in an effective and efficient fashion. The Cybersecurity Advisor regularly interacts with all stakeholders involved in the projects.

Key responsibilities of the role

• Act as Subject Matter Expert, serving as a consultant and advisor for cybersecurity projects and topics, provide guidance, coaching and expertise to help the teams design and implement cybersecure solutions.

• Ensure product development teams abide with risk-driven cyber security solutions by ensure SDL v2 deployment

• Build Threat Models, analyze and review Threat Models. Provide guidance as a security consultant on new technology implementations.

• Together with marketing and product departments, specify and develop requirements to secure architectures and features.

• Participate with global Schneider Electric Cybersecurity Architecture Committee

• Proficient in vulnerability testing, risk analyses, security assessments, security standards, security protocols security systems, authentication protocols, public key infrastructures (PKIs), certification authorities (CAs), digital signatures and cryptography

Background and Key skills

• Architecture of component and system

• Broad knowledge of product / system security and regulatory requirements

• Attention to detail, ability to translate operational/information security requirements into security controls and provide usable architecture

• Ability to effectively adapt to and apply rapidly changing technology to business needs

• Experience in providing complete solution to protect API ecosystem from cyberattack. Ability to propose security architecture around IoT and connected devices including securing IoT network, authenticating IOT devices, encrypting IoT data, implementing IoT PKI security methods, IoT API security, AI Security

Required:

• Computer Science/Technology engineer with at least five (5) years of experience in information technology, cybersecurity, and emerging associated technologies as an architect .

• Experience in software and hardware product development with specific focus on defining cybersecurity features.

• Experience with IEC62443 and ISA99 security standards; ideally you are Certified Information Systems Security Professional (CISSP) or hold an equivalent cybersecurity certification.

• Fluency in English is required, French, or German is desirable to easily integrate in an international and multicultural environment.

• Knowledge of security risks to web applications, mobile, web services, and cloud applications

• Self-starter and team player; ability to work independently and drive initiatives

• Strong writing and communication skills, including the ability to render concise reports, summaries, and presentations

• Ability to guide technical discussions with both technical and non-technical audiences

Preferred:

• Experience with agile development methodologies (e.g. SAFe) is desirable.

• Strong analytical and problem-solving skills

• CISSP certification

• Project management skills