Digital Risk Lead - Global Technology Services

About our Company Schneider Electric is the global specialist in energy management and automation. With revenues of ~€25 billion in FY, our ,+ employees serve customers in over countries, helping them to manage their energy and process in ways that are safe, reliable, efficient and sustainable. From the simplest of switches to complex operational systems, our technology, software and services improve the way our customers manage and automate their operations. Our connected technologies reshape industries, transform cities and enrich lives. At Schneider Electric, we call this Life Is On. Global Technology Services Digital Risk Leader (DRL) mandate is to support the development and enhancement of technologies, standards, enforcement across SE and other key initiatives such as remediation activities. GTS DRL is a strategic, governance and technical risk management expert for Enterprise IT, with a mission to optimize cyber security defence and minimize our attack surface. Responsibilities Work closely with the global security team and Enterprise IT teams in the coordination and facilitation of Schneider Electric security goals and initiatives Conduct ongoing information security risk analysis and develop processes to reduce the risk of security breaches Leverage knowledge of Schneider organization, programs, and roles / responsibilities to help enact security approaches against common and advanced attacks and exploits Ensure all IT systems comply with Schneider security requirements and configurations Ensure IT systems are updated and patched as needed to prevent or mitigate incidents Ensure Enterprise IT is designing security upfront in all new programs and technical solutions As a subject matter expert support in addressing security incidents and events within domain and across all regions to protect customer and corporate data and critical systems and lead the investigation to determine root cause and remediation Manage the deployment of security related project initiatives including project management responsibilities Animate innovation and knowledge exchange on data security best practices Work with all users to increase security awareness. Facilitate or provide individual and group training across the region to improve individual security acumen Evangelize security practices, and inform users on implications of poor security hygiene Partner the SecDevOps governance community Requirements Bachelor's or Master's Degree or higher in Engineering, Computer Science, Cybersecurity or another relevant field Strong, demonstrable passion for applied security and innovation. Strong understanding on the various toolsets and solutions to support a holistic cloud security strategy Professional knowledge of Cybersecurity and digital risk management Minimum 5-year relevant experience or operations Deep understanding of Technology risk in the areas of – cloud environment, security considerations, sustainability, business resilience, data privacy Understanding of the Regulatory requirements i.e. ISO Understanding of Cloud Technologies / Risk Management / Security - AWS, Azure, Alibaba, Google cloud, Oracle Cloud, Web Server technologies Kubernetes, containers, and microservices architectures Vulnerability scanning and container security Cloud identity Security controls focusing on NIST Knowledge of PCI-DSS Let us learn about you! Apply today. You must submit an online application to be considered for any position with us. This position will be posted until filled. DIGCYBR24