Cybersecurity, Penetration Test senior engineer

The main missions & responsibilities for the position are the following:

• Be able to act functionally as a penetration testers
• Coordinate and Executes tests based on formal pen Test Procedures.
• Perform the activities in China pen test lab
• Responsible for capacity planning, scheduling, execution of Pen tests using Full time Employees, Full time contractors & outsourcing partners
• As Schneider Electric makes electrical equipment's; he\she will be responsible for all safety aspects of people and equipment involved during the pen tests.
• Be responsible and accountable for Quality of pen tests executed.
• Strategizes Test Scenarios and Execution of Penetration Tests.
• Works with project teams to explain the vulnerabilities.
• Be able to coordinate with other Global Security pen tests labs in SE for following global guidelines and for contributing the global pen test standards for improvements.
• Enhances Test Procedures and Methods
• Bring security support to Business Unit projects on offer development through high level consultation post the test.
• Work closely with other Pen testers, project teams and SDL process teams to work on research, investigations, definition of SoP(standard operating Procedures), deployments, training, creating assets for efficiency in the cyber-security practices.
• Investigate potential 3 rd party cyber security offer\tools (startup, etc.) to improve the global security level of our offers
• Possesses advanced knowledge in the key principles and practices of Penetration Testing and Procedures. Like fuzz test, password cracking etc.
• Understand impact of various standards like IEC 62443 \ Data Privacy (US, GDPR...), IoT/Edge/cloud standard and regulation and make proposals for the improvement in our testing practices
• Work with cyber security stakeholders (Schneider IT security team, BU teams, lawyer) on all the different aspect of IoT & Cloud security (network, server, secure application development, security operation ...)

• Bachelor's degree in Computer Science, Mathematics, Information Technology or equivalent work experience Certifications like OSCP, SANS GPEN, SANSGWAPT or any other industry accredited security certifications would be preferred
• Understanding of at least three of the following: cryptography, fuzzing, hardware security, kernel hacking, and reverse engineering
• Developing, extending, or modifying exploits, shellcode or exploit tools OT/IoT security assessments
• Experience in leading functional teams without having hierarchy manager responsibility