Cybersecurity and Data Protection Advisor

• Cybersecurity regulatory compliance (e.g., RED DA, CRA, EU Data Act, UK PSTI, ) for products by raising awareness to influence product (R&D) investment plans.
• Support product owners and product teams in specifying security requirements and bring expert knowledge of relevant Cybersecurity standards and regulations. Bring security best practices for design, automation, and tool selection.
• Act as an expert facilitator on practices such as secure design, threat modeling, and vulnerability management.
• Advising on effective solutions for enabling cybersecurity and data protection by design and by default capabilities.
• Work with Schneider Electric Global and Divisions Product security teams to improve the process of review and the tool used, identifying use cases and areas for improvement and automation.
• Form a network of experts inside and outside the line of business to engage as necessary on technical reviews, risk management and customer topics.
• Identify critical partner and supplier dependencies and their impact for the Division.
• Industry involvement and influencing, external engagements, make Division cyber known internally and externally.
• Lead product security posture management across global R&D centers through collaboration with cross-functional teams including product marketing, R&D, and supply chain.
• Conduct security assessments of brand-labeled products, managing SBOM vulnerabilities and FOSS license compliance in partnership with legal, global governance, and Center of Excellence functions.
• Enhance effectiveness within Home Solutions CSO team by delivering security solutions, providing mentorship, and improving governance through risk-based security review playbooks and validation guidelines.
• Improve and implement comprehensive product lifecycle risks across diverse portfolios including end-devices, edge computing, mobile applications, and cloud services for both new and legacy products.
• Drive governance initiatives in compliance with SDL standard and global regulations such as EU RED-DR/CRA, while prioritizing industrial OT standards and market requirements.
• Lead the development of security technical mandates like specifications for product creation with a platform-sharable approach, applying architectural strategies that meet project objectives while addressing regulations, customer needs, industrial requirements, costs, and standards.

资格

Requirements and Qualifications:
• Proficiency in spoken and written Chinese is required.
• Proficiency in spoken and written English is required.
• Experience in the cybersecurity & privacy field, including previous performance of Cybersecurity & privacy reviews.
• Hands-on experience of IT and profound knowledge of the technical requirements related to Cyber and Privacy by Design.
• Experience with risk assessment, threat modeling, and security requirements definition.
• Knowledge of security standards (IEC 62443, ISO27001, GDPR etc.) and their application to product, offer and wider digital security.
• Privacy and Information Security certification (e.g. CISSP, CISM, CIPP, CIPM) and knowledge of applicable privacy regulations and frameworks (e.g. GDPR, CCPA, NIST CSF) desirable.
• Relevant education or external accreditation in the areas of data protection, cybersecurity, audit, quality or risk management would be a plus.
• Strong organizational skills are required.
• Effective communication skills, multi-tasking and problem-solving
• Ability to influence and engage successfully with business & cyber leaders.

时间表: 全职
请求编号: 009JNT

Client-provided location(s): Shenzhen, China, Lanzhou, China

Job ID: Schneider_Electric-https://careers.se.com/jobs/009JNT?lang=zh-cn

Employment Type: OTHER

Posted: 2026-03-06T18:58:54