Product Security (SDL) Analyst M/F

The EcoAct Consulting division is part of Schneider Electric's Sustainability Business unit and provides climate consulting and project development services to help companies implement their Net-Zero strategies and achieve their carbon neutrality goals.

The aim is to lead the way by proposing sustainable solutions that deliver real added value for both the climate and the customer.

We are a Gold Partner of CDP, a founding member of ICROA, a strategic partner in the implementation of the Gold Standard for Global Goals, and report to the United Nations Global Compact.

We're a diverse team, made up of people all driven by the same goal: to tackle the planet's environmental challenges.

It may be our job, but it's also our passion.

In a collaborative working environment, you'll want to join a motivated, dynamic, and forward-looking team, and share your expertise to help develop the company and its subsidiaries.

Join the EcoAct's Climate Data Analytics (CDA) team and help us scaling our impact on climate change by developing digital products and data analytics that support our clients in definig low-carbon, climate risks oriented, nature based and transformation strategies.

Our mission is to globally contribute to the Net Zero transformation by delivering impactful and innovative solutions.

Our scope of activity concerns all climate-related services that companies and territories need to successfully change (climate risk assessment, carbon footprint, reduction strategy, biodiversity, etc.)

CDA's role is to design innovative methodologies and solutions to answer to clients' needs related to climate change.

KEY RESPONSABILITIES:

Involved in all phases of the Software Development Lifecycle, you will be in charge of assisting products developments to ensure compliance with Secured Development Lifecycle process.


* Synchronize our process to the IEC 62443-4-1 and ISASecure SDLA standards for SDL.

These standards are internationally certified.


* Increase rigor and consistency.

We need a common approach to building security into our products for all of Schneider Electric.


* Your role will be to support the End-to-End (E2E) initiative across all software and system development lifecycles.


* Contribute to the specifications of EcoAct's bespoke digital products with the cyber and data security prism.


* Promote and ensure best code practices.


* Process QA Reports.


* Threat Model and Architecture/Design Documentation.


* Ensure Code Reviews.


* Produce Static Code Analysis coding standards and report.


* Realize Unit Tests to check secure implementation (input validation, error handling...).


* Ensure Traceability between Security Requirements and Test Report.


* Provide Defect dashboard.


* Review Test Reports for Vulnerability testing, Ensure Non-Regression.

PREFERRED EXPERIENCE:

Must have:


* 2 years' experience as a security analyst working within Product Development/Infrastructure sec...