Schneider Electric creates connected technologies that reshape industries, transform cities and enrich lives. Our 135,000 employees thrive in more than 100 countries. From the simplest of switches to complex operational systems, our technology, software and services improve the way our customers manage and automate their operations. Help us deliver solutions that ensure Life Is On everywhere, for everyone and at every moment.
[ Link removed ]
Great people make Schneider Electric a great company.
Schneider Electric USA, Inc. is a leading provider of global, end-to-end AC and DC-based back-up power products and services, which include surge suppressors, Uninterruptible Power Supplies (UPS), power conditioning equipment, power management software, and DC power systems as well as precision cooling equipment, and professional and consulting services for Nonstop Networking.
We have the following position available in Andover, MA:
Enterprise Security Architect
The Enterprise Security Architect plays an integral role in defining and assessing the organization's security strategy, architecture and practices. The enterprise security architect will be required to effectively translate business objectives and risk management strategies into specific security processes enabled by security technologies and services. This role is responsible for the overall security technology strategy, implementation approach, governance model and security standards necessary to support all of Schneider Digital IT & Digital Technology. The Enterprise Security Architect works with various stakeholders within the business units, PMO, Technology Operations and Information Security to ensure that the security technology objectives and solutions are aligned to the business mission, strategy, goals, and processes.
The Enterprise Security Architect will establish, maintain, and communicate a technology vision within an Information Technology & Digital Technology discipline. Participates in major technical decisions, develops technical proposals that consider alternatives and business cases, gains needed institution approvals, and works effectively across departmental organizations gaining consensus of stakeholders. Possess and maintains a strong working knowledge of multi-platform technical environments.
Responsibilities will include:
- Understands technology trends and the practical application of existing, new and emerging technologies to enable new and evolving business and operating models
- Establishes overall security architecture vision and ensures specific components are appropriately designed and leveraged
- Develop and maintain a security architecture process that enables the enterprise to develop and implement security solutions and capabilities that are clearly aligned with business, technology and threat drivers
- Develop security strategy plans and roadmaps based on sound enterprise architecture practices
- Develop and maintain security architecture artifacts (e.g., models, templates, Threat Models, standards and procedures) that can be used to leverage security capabilities in projects and operations
- Track developments and changes in the digital business and threat environments to ensure that they're adequately addressed in security strategy plans and architecture artifacts
- Participate in application and infrastructure projects to provide security-planning advice
- Draft security procedures and standards to be reviewed and approved by executive management and/or formally authorized by the CISO
- Determine baseline security configuration standards for operating systems (e.g., OS hardening), network segmentation, and identity and access management (IAM)
- Develop standards and practices for data encryption and tokenization in the organization, based on the organization's data classification criteria
- Coordinate with DevOps teams to advocate secure coding practices, and to escalate concerns related to poor coding practices to the CISO
- Coordinate with the privacy officer or office to document data flows of sensitive information in the organization (e.g., PII or ePHI) and recommend controls to ensure that this data is adequately secured (e.g., encryption and tokenization)
- Validate IT infrastructure and other reference architectures for security best practices and recommend changes to enhance security and reduce risks, where applicable
- Validate security configurations and access to security infrastructure tools, including firewalls, IPSs, WAFs and anti-malware/endpoint protection systems
- Review network segmentation to ensure least privilege for network access
- Support the testing and validation of internal security controls, as directed by the CISO or the internal audit team
- Review security technologies, tools and services, and make recommendations to the broader security team for their use, based on security, financial and operational metrics
- Coordinate with BU PMO and Physical Security teams to assess the security of operational technology (OT) and Internet of Things (IoT) systems
- Liaise with other security architects and security practitioners to share best practices and insights
- Liaise with the business continuity management (BCM) team to validate security practices for BCM testing and operations when a failover occurs
- Maintains Enterprise level Security EA Principles and Patters
- Provides consulting support to IT teams within projects to ensure the project is aligned with overall enterprise security architecture
- Leads workshops, decision meetings, collaborative sessions, and executive briefings related to a wide range of Enterprise Security Architecture topics.
- Serves as a leader, consultant, mentor, or tutor in many specific technical architecture areas of expertise
- Provides key input to short and long-term department strategy and budget planning
Business Continuity Planning