Requirements: English
Company: Schneider Electric
Region: catalonia, espana , Catalonia
Do you dare to lead the digital transformation to create a more sustainable world?
At Schneider Electric, we are the leading digital partner in sustainability and efficiency for businesses, communities, and individuals. Our goal is for all people to be able to make the most of our energy and resources through the integration of processes, software, big data, and energy technologies that enable integrated management of buildings, industries, and cities. We are present in over 110 countries with a diverse and disruptive team of over 150,000 people. If you are seeking an opportunity to propel your career and challenge your creativity, we want to meet you!
The Data & Performance (D&P) organization drives the Companys agenda to delivered Trust Data @ Scale. As part of this, it also owns the companys data security strategy and initiatives to ensure proper data guardrail is in place.
Aligned to our Code of Conduct, the Trust Charter, and the regulatory landscape, we are seeking an experienced Data Security Lead with an innovative, agile and pragmatic mindset to secure data flows, architecture, bolster regulatory compliance and future-proof our Data Strategy for existing and emerging threats.
What will you do?
- Lead the Data Risk management activity with a focus on Data security and protection, governing the rollout of policies, controls, standards and performance measurement.
- Lead key Data Risk & Security Portfolio initiatives, such as Data Classification Operationalisation, Secure Data Sharing, Data Discovery or Data Loss Prevention
- Support Data Security governance topics such as Crown Jewels, critical systems/assets protection, critical supplier interactions, data systems resilience (e.g. BCP)
- Proactively engage the network of Data Officers & Data Domains with respect to Data Risk & Security, while providing guidance and mentoring to Data Offices as needed
- Animating innovation and knowledge exchange on data security & risk best practices, data security education and awareness initiatives
- Using data and learnings from past incidents to drive auto-discovery capability
- Manage data incidents / security incidents to ensure cohesive responses
- Provide dashboard to management visibility of data risks
- Manage ISO 27710 (ISO27001 extension) to achieve compliance
- Brainstorm and defining best-in-class security processes, including monitoring capabilities, to ensure the security of data supply chains
- Design security initiatives to future-proof the security posture of data supply chains based on incidents, results from red team exercises, etc.
- Collaborate and work as a team (internal and external) to achieve team objectives
- Develop and deliver security training education and awareness initiatives
- Provide guidance and ensure Business Data Offices continuous compliance to Schneider Electric security, legal and data privacy policies and standards.
What qualifications will make you successful for this role?
- A solid security or enterprise architecture background is beneficial as well as understanding of Cloud and Database /data management:
- External or internal consulting / IT advisory experience, preferably with a global reach
- Experience with data security (inc. DLP and DSPM) and access rights management including IAM (identify access management) is a must
- Risk Assessment & Management skills / Audit capabilities: certifications, crown jewel evidence, BCP on track, post mortem on security incidents for gov adherence, overall reporting on security platform incidents
- Analytical thinking, able to communicate with functional / business owners and with technical teams
- Infrastructure: Azure, AWS environment including Lambda, Glue, Cloud Formation, API Gateway
- Familiarity with data pipelines regardless of the technology and with SQL (RedShift in particular is a plus)
- Able to communicate with functional / business owners and with technical teams
- Able to distill complexities into a succinct story for executive (e.g. 1-pager powerpoint)
Soft Skills
- Customer first, Innovation Oriented ways of working (flexible, personable, approachable, creative, bias-to-action and pragmatic)
- Strong analytical and problem-solving skills and ability to work under tight deadlines; self-prioritize responsibilities.
- Strong written and verbal communication skills to effectively communicate security principles, policies and procedures into actionable designs and simple to follow mitigation steps for team members
- Innovative, creative, entrepreneurial
- Team player & re