Senior Cyber Security Analyst - Product Vulnerability Management

Schneider Electric is seeking a Senior Cybersecurity Analyst (Product Vulnerability Management) in Boston, MA; Nashville, TN and Barcelona. This position will report to Schneider Electric's Head of Vulnerability Management. The successful candidate will support coordinated disclosure of vulnerabilities on all Schneider Electric products. As Senior Cybersecurity Analyst, you will support in coordinating the end to end process of vulnerability response lifecycle from intake to diclosure and you will be committed to remediation of security vulnerabilities in the products within reasonable time depending on the severity of the issue. You will partner with external security researchers and internal stakeholders like BU, legal, communication, and customer support for remediation and disclosure of the vulnerabilities. You will handle the effective management of customer and product related vulnerabilities, as well as continuous improvement of the necessary processes (e.g. Threat Intelligence, Inventory Management, Vulnerability Scanning etc.). You will collaborate with the Business Unit teams, as well as all other units where collaboration is needed for Cybersecurity (e.g. GSC, Corporate Legal, Schneider Digital, Communications). What will you do?

• Responsible for driving Vulnerability Management process execution in the Business Units whether externally reported or Internally discovered (Intake, Triage, Planning, Execution, Customer Notification, lessons learned etc)
• Coordinate and follow-up with the Division Cyber Security Officer and CERT Leaders for SLA adherence
• Escalate the cases that require attention
• Work with the BU and propose improvement of the related processes or identified gaps in the operations
• Support Security Notification process for patch Tuesday monthly releases
• Provide Timely response and update to the researchers
• Prepare detailed operational reports to bring insights on focus areas for BU and CERT leaders
• Train the CyberSecurity people and Offer Managers in the Business Units on Vulnerability Management
• Prepare and maintain Knowledgebase for the BU
• Act as a subject matter expert in the Vulenrability Management process and advocate the process across the BU We know skills and competencies show up in many ways and can be based on your life experience. If you do not necessarily meet all the requirements that are listed below, we still encourage you to apply for the position. What qualifications will make you successful for this role?
• Overall 7 years experience and 2 years CyberSecurity experience
• Bachelor's degree in Cybsesecurity, Computer Science, Information Systems or Engineering / Science required
• Good and proven CyberSecurity skills and experience in issue management as well as designing / defining proactive mitigation strategies
• Extensive understanding of triaging and assessing risks associated with cybersecurity vulnerabilities in Critical Infrastructure products (CVSS, CWE, OWASP Top 10)
• Qualifications / Certifications in Cybersecurity a plus (CEH, CSSLP, CISSP etc.)
• Ability to work with autonomy and self motivated
• Ability to organize and run efficient meetings and document meeting minutes and action items
• Demonstrated ability to stay focused
• Ability to conform to shifting priorities, demands and timelines through analytical, problem solving and organization capabilities
• Ability to multi task, and to work under pressure
• Experience & understanding of the complexity of co-working in a global project team
• Strong attention to detail when reviewing external documentation
• Good understanding and experience of best practices of end-2-end secure development lifecycle for products and systems
• Good understanding and experience of key topics in Cybersecurity as Vulnerability Management, Risk Management, Incident Response, Penetration Testing, Quality assurance
• Good understanding of the differences and challenges of the convergence of OT and IT worlds for our customers
• Strong interpersonal and intercultural skills
• Excellent presentation and communications skills, both written and oral
• High level of energy and passionStrong interpersonal and intercultural skills
• Excellent presentation and communications skills, both written and oral Schneider Electric offers a comprehensive benefits package to support our employees, inclusive of medical (with member reward points), dental, vision, and basic life insurance, Benefit Bucks (credits to apply towards your benefits) flexible work arrangements, paid family leaves, 401(k) match, well-being and recognition (including service anniversary) programs, 12 holidays per year, 15 days of paid time off per year (pro-rated in the first year of employment based on start date), opportunity to purchase company stock (eligibility depends on start date), and military leave benefits. Let us learn about you! Apply today. You must submit an online application to be considered for any position with us. This position will be posted until filled. Looking to make an IMPACT with your career? When you are thinking about joining a new team, culture matters. At Schneider Electric, our values and behaviors are the foundation for creating a great culture to support business success. We believe that our IMPACT values - Inclusion, Mastery, Purpose, Action, Curiosity, Teamwork - starts with us. IMPACT is also your invitation to join Schneider Electric where you can contribute to turning sustainability ambition into actions, no matter what role you play. It is a call to connect your career with the ambition of achieving a more resilient, efficient, and sustainable world. We are looking for IMPACT Makers; exceptional people who turn sustainability ambitions into actions at the intersection of automation, electrification, and digitization. We celebrate IMPACT Makers and believe everyone has the potential to be one. Become an IMPACT Maker with Schneider Electric - apply today! €36 billion global revenue 13% organic growth 150 000 employees in 100 countries #1 on the Global 100 World's most sustainable corporations You must submit an online application to be considered for any position with us. This position will be posted until filled. Schneider Electric aspires to be the most inclusive and caring company in the world, by providing equitable opportunities to everyone, everywhere, and ensuring all employees feel uniquely valued and safe to contribute their best. We mirror the diversity of the communities in which we operate, and 'inclusion' is one of our core values. We believe our differences make us stronger as a company and as individuals and we are committed to championing inclusivity in everything we do. This extends to our Candidates and is embedded in our Hiring Practices. You can find out more about our commitment to Diversity, Equity and Inclusion here and our DEI Policy here At Schneider Electric, we uphold the highest standards of ethics and compliance, and we believe that trust is a foundational value. Our Trust Charter is our Code of Conduct and demonstrates our commitment to ethics, safety, sustainability, quality and cybersecurity, underpinning every aspect of our business and our willingness to behave and respond respectfully and in good faith to all our stakeholders. You can find out more about our Trust Charter here Schneider Electric is an Equal Opportunity Employer. It is our policy to provide equal employment and advancement opportunities in the areas of recruiting, hiring, training, transferring, and promoting all qualified individuals regardless of race, religion, color, gender, disability, national origin, ancestry, age, military status, sexual orientation, marital status, or any other legally protected characteristic or conduct.