Applications Security Expert

Boston, Massachusetts


Description


Schneider Electricâ„¢ creates connected technologies that reshape industries, transform cities and enrich lives. Our 144,000 employees thrive in more than 100 countries. From the simplest of switches to complex operational systems, our technology, software and services improve the way our customers manage and automate their operations. Help us deliver solutions that ensure Life Is On everywhere, for everyone and at every moment: https://youtu.be/NlLJMv1Y7Hk .

Great people make Schneider Electric a great company.
Job Description: Context
Schneider Digital is the global IT organization within Schneider Electric. The Applications security and compliance framework is an Schneider Digital initiative to elevate the level of security and compliance of applications that the organization delivers.

This role reports to the Applications security and compliance center Manager and will be working in collaboration with the applications security and compliance regional managers and other IT specialists, as well as the Product Security Office to train in Schneider Electric security policies, processes and tools.

Responsibilities
The Applications Security Expert will work with project teams to ensure applications meet strict security policies.

  • Understanding project deliverables and application details
  • Running automated and manual security checks (not limited to tools) to uncover security holes in the system
  • Propose mitigation steps for identified risks and threats
  • Providing recommendations from a security perspective based on understanding of application and results of checks
  • Working with the Regional CISO, Digital Risk Leaders and keep up to date with Schneider Digital standards, policies and tools

Requirements for Applications Security Expert Behaviors and Competencies
The Applications Security Expert must demonstrate mature behaviors including:


Qualifications:

Education and Training Required
  • BE or MS or MCA Computers Science or Information Technology or related fields
Desirable
  • M. Tech Computers Science or Information Technology or related fields
  • Certifications - OSCP, OSCE, GPEN, GXPN, GICSP, GWAPT, OSWP, etc.
Skills Knowledge
The Applications Security Specialist should have in-depth knowledge and experience of the following:
  • Pentest standards and methodologies, OWASP
  • Subject matter expert in web/mobile/thick client/API/IoT/IIoT assessments
  • Good understanding of server vulnerabilities (Linux, Windows) and hardening
  • Familiarity with cloud platforms (preferably AWS)
  • Efficient and effective usage of pentest tools as well as demonstrate less dependency on tools.
  • Experience with automation, scripting (Python, Perl, Ruby, etc.)
  • Proactive interest in emerging technologies and techniques related to penetration testing
  • Ability to translate technical security topics in a business-friendly manner
  • Demonstrable teamwork skills and resourcefulness
Experience Required
  • 7-10 years' experience in Vulnerability Management
  • Minimum 2+ years of experience in penetration testing of web, mobile (iOS & Android), API, thick client
Desirable
  • Experience with red teams or CTF (Capture the Flag)
  • Experience with reverse engineering
  • Presented exploit POC/ research concepts at forums like exploit-db.
  • Participated in national/ international cybersec conferences.


We seek out and reward people for putting the customer first, being disruptive to the status quo, embracing different perspectives, continuously learning, and acting like owners. We want our employees to reflect the diversity of the communities in which we operate. We welcome people as they are, creating an inclusive culture where all forms of diversity are seen as a real value for the company. We're looking for people with a passion for success - on the job and beyond. See what our people have to say about working for Schneider Electric: https://youtu.be/6D2Av1uUrzY .

Let us learn about you! Apply today.

You must submit an online application to be considered for any position with us. This position will be posted until filled.

It is the policy of Schneider Electric to provide equal employment and advancement opportunities in the areas of recruiting, hiring, training, transferring, and promoting all qualified individuals regardless of race, religion, color, gender, disability, national origin, ancestry, age, military status, sexual orientation, marital status, or any other legally protected characteristic or conduct.

Concerning agencies: Schneider Electric does not accept unsolicited resumes and will not be responsible for fees related to such.

Schneider Electric is an Affirmative Action and Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability.

#LI-JB2