Cybersecurity Regional Subject Matter Expert

Schneider Electric

  • New Cairo, Cairo
  • Permanent
  • Full-time
  • 29 days ago
Who are we and what we stand for?When you work for Schneider Electric you work for a company that is passionate about its people. Our people vision says, Great people make Schneider Electric a great company. We are proud to promote purpose, diversity, inclusion, learning and work-life integration – we’re a great place to work and we are continually striving to be the best place to work!Your MissionIndeed Cybersecurity for Customer Projects and services needs to address major challenges such as the risks generated to our customers network and installations, and the compliance of our systems and services to global cybersecurity standards and regulations.
We have decided to create a common cybersecurity organization focused on projects and services to strengthen our cybersecurity posture, coordinate and accelerate our transformation , especially :
- Lead the transformation and coordination from Tendering to Operations in Global Customer Projects and Field Services Operations organization
- Put in place a common governance and community across project and services in order to implement the key projects and initiativesWithin the Global Customer Projects and Services Operations Cybersecurity organization, and reporting strong line to the Customer projects and Services Security Officer – CPSSO, your role , as a Regional Cybersecurity Subject Matter Expert (SME) will be :To support the design, deployment and operation of the cybersecurity transformation workstreams in your Regional area of responsibility, having dotted line to the Regional Global Customer Projects (GCP) VP.
GCP Regional Cybersecurity SME engage with project and services operation teams, providing support with cybersecurity topics with the objective of ensuring projects and services are secure. They also fill the role of a Subject Matter Expert, serving as a consultant and advisor for cybersecurity topics.
Their objectives are achieved through close follow-up, monitoring and continuous evaluation of the projects and services they are responsible for.Your Role – Magic happens when you bring great people together!
  • Support tender managers in identifying Customers cybersecurity maturity, risks linked to customer requirements and providing mitigation solutions and support to negociation with customers
  • Support Procurement in negociation with Third-parties and suppliers in link with application of our cybersecurity compliance framework
  • Mitigate risks and defend our competitiveness by implementing good security practices and supporting project teams during our Integration and Operation activities, first step towards IEC 62443 certification.
  • Deploy OSDL (Operations Secure Development Lifecycle – from staging to commissioning) process & guidelines, in link with security requirements of IEC62443-2-4 and Customer Project Processes (CPP):
o Compliance with standards & regulations, moving to basic/intermediate/ advanced levels
o Covering design, integration, configuration, testing, commissioning, and handover
o Collection of personnel, hardware, software, tools, procedures and policies, aligned with quality processes
o Ensure a consistent and efficient cyber and product security risk mitigation throughout the project lifecycle
o Support implementation of cybersecurity good practices in services operations teams in his area
 Device and equipment maintenance, ensuring that security is not degraded as a result of these activities, Patching and anti-virus updates, secure tooling and practices for Remote support, execution of cybersecurity site services
  • Support cybersecurity services business growth with strong CAPEX to OPEX attach rate, detection and generation of cyber services and projects opportunities, in coordination with Cyber services team
  • Implement efficient and targeted vulnerability containment actions and Incident escalation in coordination with Global Cybersecurity expertise teams and through our Quality processes
  • Be the projects end-user advocate and contribute to cybersecurity practices design by identifying and escalating business needs.
  • Act as level 2 support to project cybersecurity champions located in local hubs, in their day to day mission which is to provide Cybersecurity support to local project teams activity (esp. in link with Vulnerability management, incident escalation, implementation of good practices and compliance controls)
  • Act as a champion for countries / hubs which do not have specific cybersecurity skills.
  • Contribute to Customer projects and Services Operations Cybersecurity community
o Animate the champions community in his area
o Participate actively in Global network of Excellence
  • Cyber Training and awareness
o Ensure proper application of processes & rules inside our Regional / Zone / country Projects and Services organizations
o Promote cybersecurity best practices and a “security first” mindset
o Contribute to the cybersecurity training material design, and deployment
Main interactions:
The above activities will be executed in close collaboration with Cybersecurity and Product Security from Governance, Digital Sales & Support organization from Schneider Digital and Cybersecurity services from Industrial Automation BU.
Main interfaces: GCP & SO security officer and central expertise team, PSO (Product Security Office), Digital Risk leader, Cyber experts & community, GCP & SO Regional and local project teams, Contract management, legal experts, EMBU Product LOBs, Services Operations leadersKey skills & requirements
  • Good leadership, influence & convince skills
  • English Fluent, more languages would be a plus
  • Good knowledge of SE products – multi LOB (Secure Power & Cooling, Power Systems, Digital power, Industry), especially associated communication and systems networks features.
  • Good knowledge of SE Ecostruxure architectures
  • Knowledge of Field Service offer, especially digital services, would be a plus.
  • Customer segments & applications
  • You have good relationships, a good level of oral communication and enjoy international contacts
  • You are flexible and have a good sense of customer service
  • International travel to be expected
QualificationsAbout You
  • 6+ years of OT/IT security experience with a proven ability to engage with Senior Management, Product, Engineering and the business.
  • Master’s degree in IT/Computing/Engineering required, or related degree from an accredited university
  • Fluency in English
  • Experience working cross functionally and collaboratively in a team environment
  • Experience working in an international environment
  • Experience related to cyber security in products development, and preferably in a projects/services/site environment
  • Experience guiding and assisting organizations in implementing appropriate Cybersecurity practices
  • Experience in Customer applications / Projects / services tendering and operation
Preferred:
  • Strong analytical and problem-solving skills
  • CISSP and or ISA IEC certification
  • Prior experience performing security reviews and risk assessments

Schneider Electric