Job Title

Schneider Electric SE is a French multinational company that specializes in digital automation and energy management. Schneider Electric is a publicly traded Fortune Global 500 company, the company posted revenues of €34.2 billion. It addresses homes, buildings, data centers, infrastructure and industries, by combining energy technologies, real-time automation, software, and services. Schneider Electric is the parent company of APC, Aveva, L&T E&A among so many. Lauritz Knudsen Electrical and Automation is a pioneering electrical and automation brand with a rich legacy of over 70 years in India. We offer comprehensive portfolio of low-voltage switch gear, medium-voltage switch gear, automation solutions, software, and services catering to diverse segments, including homes, agriculture, buildings, infrastructure, and industry. Position: Deputy General Manager- Product Security Qualifications: B.E/B.Tech/M.E/M.Tech Experience: 12-15 years Location: Navi Mumbai (Mahape) Job Description: Lauritz Knudsen Electrical & Automation team is seeking a talented, dynamic and experienced Cybersecurity Advisor to join our team. The Security Advisor is responsible for the adoption and implementation of the Secure Development Lifecycle framework as per IEC 62443-4-1 standard and other cybersecurity policies, procedure, and best practices, and to advise on cybersecurity technical requirements for the development of secure products and systems. The Security Advisor regularly interacts with key stakeholders like representative from offer development, architecture, regulations conformity teams and technical leaders as well as stakeholders from the corporate governance teams to ensure that cybersecurity guideline and processes are executed in an efficient effective and compliant manner. The ideal candidate will be able to combine process and technical advisory role with assertive engagement and escalation when appropriate. The idea is not only to have people only consulting and advising, but also “acting like owners” and having an impact in our “shift-left” strategy for “security by design”. Responsibilities: Serve as the Subject Matter Expert to ensure cybersecurity topics are prioritized and embedded in the Offer development process from the design phase. Provide guidance, coaching, and expertise to implement Secure Development Lifecycle practices such as threat modeling, secure design, secure coding, implementation, and security testing. Collect Secure Development Lifecycle and cybersecurity metrics to contribute to data-driven strategies and plans in a protective manner. Aid in the deployment of Secure Development Lifecycle and cybersecurity functionalities as required by standards such as IEC 62443, and work to improve the effectiveness and efficiency of these processes. Ensure that assigned development teams adhere to risk-driven cybersecurity processes and controls throughout the development lifecycle. Assist development teams in managing vulnerability triage and resolution as needed to maintain secure software environments. Support teams in conducting internal Secure Development Lifecycle audits and Cybersecurity Reviews and ensure compliance with company’s data security and privacy processes. Perform foundational data protection and privacy screening of offers to ensure data privacy requirements are integrated from the initial design stages. Represent offer development teams in Business Unit and PSO security meetings and workshops. Stay informed about new policies, procedures, cybersecurity standards, regulations, legislation, and technologies, and keep R&D leadership updated on relevant emerging activities. Conduct training sessions and presentations to enhance cybersecurity competencies within development teams. Monitor organizational maturity using cybersecurity maturity frameworks and track other Secure Development Lifecycle-related goals as directed. Take an active part in the cybersecurity communities. Qualifications : Bachelor’s/Master’s degree in Computer Science, Information Technology or related field. Proven experience in cybersecurity leadership role, with a focus on cloud solution and connected offers. In-depth knowledge of OT and IoT technologies, protocol and architectures. Certification such as CISSP, CISM or Azure specific certifications are highly desirable. At least 8+ years of experience in Product and Cloud Security with total 12-15 years of total experience in engineer company. Minimum 5+ years of product security based on IEC 62443 and exposure of offer certification based on IEC 62443-4-2 and IEC 62443-3-3 . Strong understanding of regulatory requirements and compliance frameworks related to connected device and cloud security. Excellent communication, leadership and interpersonal skills. Experience: Experience on Secure Development Lifecycle based on IEC 62443-4-1 or equivalent. Secure Software Environments, Threat Modelling based on STRIDE and other frameworks and threat analysis and CVSS scoring. Security Testing of security requirements, privacy requirements, threat model etc. Secure Coding and static code analysis Cybersecurity Maturity Frameworks, Data Protection, Secure Design, Cybersecurity Competencies, Risk-driven Cybersecurity, Vulnerability Triage, Data Security, Data-driven Strategies, R&D Leadership, Privacy Processes, Privacy Screening, Very good understating of IEC 62443, NIST. Understanding of Develops Software Composition Analysis and Software Bill of Material Qualifications: B.E/B.Tech/M.E/M.Tech Preferred Industry Experience: Power Distribution, Energy Management, Water, Oil & Gas Schneider Electric aspires to be the most inclusive and caring company in the world, by providing equitable opportunities to everyone, everywhere, and ensuring all employees feel uniquely valued and safe to contribute their best We mirror the diversity of the communities in which we operate and we ‘embrace different’ as one of our core values. We believe our differences make us stronger as a company and as individuals and we are committed to championing inclusivity in everything we do. This extends to our Candidates and is embedded in our Hiring Practices. You can find out more about our commitment to Diversity, Equity and Inclusion here and our DEI Policy here Schneider Electric is an Equal Opportunity Employer. It is our policy to provide equal employment and advancement opportunities in the areas of recruiting, hiring, training, transferring, and promoting all qualified individuals regardless of race, religion, color, gender, disability, national origin, ancestry, age, military status, sexual orientation, marital status, or any other legally protected characteristic or conduct.