Principal Cyber Security Engineer
Location:
Fort Collins , Colorado
Posted:
December 15, 2017
Reference:
003TDS
Schneider Electric™ creates connected technologies that reshape industries, transform cities and enrich lives. Our 160,000 employees thrive in more than 100 countries. From the simplest of switches to complex operational systems, our technology, software and services improve the way our customers manage and automate their operations. Help us deliver solutions that ensure Life Is On everywhere, for everyone and at every moment: https://youtu.be/NlLJMv1Y7Hk .

Great people make Schneider Electric a great company.

Principal Cyber Security Engineer, Pelco by Schneider Electric – Fresno, California or Fort Collins, Colorado
Pelco by Schneider Electric understands information is critical to success, which is why we are singularly focused on the development of video surveillance and security solutions, providing our customers the information necessary to make real-time, business-enabling decisions. From the recently introduced VideoXpert video management platform to our industry-leading selection of IP cameras and accessories, Pelco is committed to designing and delivering a broad range of high-quality, IP video security products and systems complemented with an unparalleled level of customer support and services. Learn more about Pelco by Schneider Electric at Pelco.com.

What do you get to do in this position?
Reporting into the Engineering organization, this position is responsible for designing & leading the Cyber Security Operations technical roadmap and tooling, ensuring Cyber Security Operations technical capability remains in an optimum state at all times.
  • Propose security architecture schemes based upon best practices and industry accepted standards in alignment with Pelco by Schneider Electric offer security strategy.
  • Establish a standard set of functional and non-functional security requirements for embedded systems, application software (client & server), web and mobile applications.
  • Support offer creation secure requirements generation through consultation and review.
  • Define coding invariants, and guidelines for development teams that incorporate security as part of the secure development life cycle (SDL).
  • Define application development standards (methodologies) with specific focus on security; coach, mentor the development team on the concepts and advise on implementation.
  • Validate & certify applications for functional and non-functional security requirements in coordination with Partner cyber testing resources.
  • Recommend architectural modifications, coding options, to assist development teams in mitigating risks & vulnerabilities identified during Threat Models, Penetration Testing, FMEAs; and in support of Incident and Vulnerability Management findings.
  • Define Enterprise entitlement / authorization framework and implement for internal and external users (e.g. consider extending SSO using open ID and other standards).
  • Collaborate closely with the Infrastructure security team to implement network and server level security.
  • Collaborate, support and align with Pelco by Schneider Electric security architecture initiatives / activities.

Qualifications:
Qualifications:
  • Bachelors in Computer Science, Electronics Engineering or related field, or comparable industry experience required; Master's level preferred.
  • 10 years of overall software development & implementation experience in Operational Technology (OT) applications.
  • Specialized Security Architecture training and certifications
  • 3 years of experience as security architect with experience in three or more of the following areas, a plus:
    • Authentication, authorization & SSO framework for web application
    • Vulnerability assessment for application/embedded software and experience with automated scan tools
    • Certificate Management in embedded systems
    • Secure OT/ICS protocols
    • Secure embedded hardware & secure manufacturing
    • Trade restrictions regarding cryptography
    • Data privacy regulations
  • Experience in industry specification around vulnerability and threat management.
  • Experience conducting threat modeling exercises, a plus.
  • Experience with SCA and DCA tools (e.g. Klocwork, MISRA).
  • Excellent communication skills with proven ability to interact and negotiate with offer creation, project management, upper management; presentation skills a plus.
  • Working knowledge of software development methodologies: Agile essential.
  • Ability to mentor/guide development team members.
  • Excellent interpersonal skills in areas such as teamwork, facilitation and negotiation.
  • Strong leadership skills.
  • Excellent planning and organizational skills.
  • Ability to understand the long-term ("big picture") and short-term perspectives of situations; strategic thinking & critical thinking.
  • Ability to translate business needs into solution architecture requirements.
  • Ability to define multiple solution options to business problems.
  • Ability to quickly comprehend the functions and capabilities of new technologies.
  • Possess current security certifications, a plus (e.g., CISSP, CSSLP, ISSAP/ISSEP, CEH, SSCP).
  • Must be able to pass a background check.
  • Basic knowledge of business process re-engineering principles and processes.
  • Working knowledge of multiple programming languages: e.g. C/C , JavaScript, Java, Python, .Net, C#, PHP, MySQL.

We seek out and reward people for being straightforward, open, passionate, effective and challenging the status quo. We want our employees to reflect the diversity of the communities in which we operate. We welcome people as they are, creating an inclusive culture where all forms of diversity are seen as a real value for the company. We're looking for people with a passion for success - on the job and beyond. See what our people have to say about working for Schneider Electric: https://youtu.be/6D2Av1uUrzY .

Let us learn about you! Apply today.

You must submit an online application to be considered for any position with us. This position will be posted until filled.

It is the policy of Schneider Electric to provide equal employment and advancement opportunities in the areas of recruiting, hiring, training, transferring, and promoting all qualified individuals regardless of race, religion, color, gender, disability, national origin, ancestry, age, military status, sexual orientation, marital status, or any other legally protected characteristic or conduct.

Concerning agencies: Schneider Electric does not accept unsolicited resumes and will not be responsible for fees related to such.

A little about us:
We’re the global specialist in energy management and automation. Our technologies ensure that Life Is On everywhere, for everyone and at every moment.

Know someone who would be interested in this job? Share it with your network.