Job purpose: Schneider Electric is searching for a Cybersecurity and Data Protection Advisor in the Home Solutions division within its Energy Management Business reporting to the Home Solutions Cybersecurity Officer (CSO).

This position is fully responsible for proactively ensuring with Home Solutions development teams to meet cybersecurity internal and external requirements, personal data protection, and regulatory compliance for products with strong skills to drive behaviors: challenge, support, collaboration, and shaping the future.

The Cybersecurity and Data Protection Advisor mandate is focused on supporting the development of products and systems that are resilient against cyberattack, manage risk and advise R&D teams enabling cybersecurity and data privacy and protection capabilities by design and by default in Home Solutions products.

Drive regulatory compliance influencing product investment plans (R&D) while building trust with customers, the ecosystem and authorities.

Job Responsibilities:

• Deploy Schneider Electric Secure Development Lifecycle program and systematically conduct, together with the Cybersecurity Officer, Formal Cybersecurity Reviews (FCSR).

• Bring Cybersecurity and data protection requirements for offers/products within the Home Solutions division and address expectations from customers and authorities.

• Perform cybersecurity and privacy risk assessments to Home Solutions offers, systems, app services to identify, evaluate, communicate risks and provide mitigating actions, and ensure compliance.

• Cybersecurity regulatory compliance (e.g., RED DA, CRA, EU Data Act, UK PSTI, ) for products by raising awareness to influence product (R&D) investment plans.

• Support product owners and product teams in specifying security requirements and bring expert knowledge of relevant Cybersecurity standards and regulations.

• Bring security best practices for design, automation, and tool selection.

• Act as an expert facilitator on practices such as secure design, threat modeling, and vulnerability management.

• Advising on effective solutions for enabling cybersecurity and data protection by design and by default capabilities.

• Work with Schneider Electric Global and Divisions Product security teams to improve the process of review and the tool used, identifying use cases and areas for improvement and automation.

• Form a network of experts inside and outside the line of business to engage as necessary on technical reviews, risk management and customer topics.

• Identify critical partner and supplier dependencies and their impact for the Division.

Industry: involvement and influencing, external engagements, make Division cyber known internally and externally.

• Lead product security posture management across global R&D centers through collaboration with cross-functional teams including product marketing, R&D, and supply chain.
• Conduct security assessments of brand-labeled products, managing SBOM vulnerabilities and FOSS license compliance in partnership with legal, global governance, and Center of Excellence functions.
• Enhance effectiveness within Home Solutions CSO team by delivering security solutions, providing mentorship, and improving governance through risk-based security review playbooks and validation guidelines.
• Improve and implement comprehensive product lifecycle risks across diverse portfolios including end-devices, edge computing, mobile applications, and cloud services for both new and legacy products.
• Drive governance initiatives in compliance with SDL standard and global regulations such as EU RED-DR/CRA, while prioritizing industrial OT standards and market requirements.
• Lead the development of security technical mandates like specifications for product creation with a platform-sharable approach, applying architectural strategies that meet project objectives while addressing regulations, customer needs, industrial requirements, costs, and standards. 资格 Requirements and Qualifications:
• Proficiency in spoken and written Chinese is required.
• Proficiency in spoken and written English is required.

Experience: in the cybersecurity & privacy field, including previous performance of Cybersecurity & privacy reviews.

• Hands-on experience of IT and profound knowledge of the technical requirements related to Cyber and Privacy by Design.

Experience: with risk assessment, threat modeling, and security requirements definition.

• Knowledge of security standards (IEC 62443, ISO27001, GDPR etc.) and their application to product, offer and wider digital security.
• Privacy and Information Security certification (e.g. CISSP, CISM, CIPP, CIPM) and knowledge of applicable privacy regulations and frameworks (e.g. GDPR, CCPA, NIST CSF) desirable.
• Relevant education or external accreditation in the areas of data protection, cybersecurity, audit, quality or risk management would be a plus.
• Strong organizational skills are required.
• Effective communication skills, multi-tasking and problem-solving
• Ability to influence and engage successfully with business & cyber leaders. 时间表: 全职 请求编号: 009JNT