Expert, Infrastructure Security Engineer (Identity & Attack Path Management)

We are your Energy Technology Partner.

We electrify, automate, and digitalize every industry, business, and home, driving efficiency and sustainability for all.

At Schneider Electric, our values - IMPACT (Inclusion, Mastery, Purpose, Action, Curiosity, Teamwork) - are the foundation of everything we do.

Becoming an Impact Maker means turning sustainability ambitions into actions at the intersection of automation, electrification, and digitization.

Are you ready to lead the digital transformation to create a more sustainable world?

If you are up to challenge your creativity and make an impact, we are excited to welcome you!

Schneider Digital is the digital department of Schneider Electric, leading the digital transformation in the company by giving support globally to our internal teams and our clients.

Schneider Digital consists of 6 Digital Hubs worldwide which are strategically located to ensure a 24/7 support across the company (France, China, India, USA, Mexico and Spain).

Our Digital Hub in Barcelona is formed by +450 employees working in strategic projects and different roles such as Data, Cybersecurity, ERP, Cloud, Infrastructures, IT Project Management or Digital Marketing.

As an Infrastructure Security Engineer (Identity & Attack Path Management), you will play a critical role in ensuring the security, integrity, and resilience of our enterprise identity infrastructure across on-premises and cloud environments.

Leveraging your expertise in Active Directory, Azure AD / Entra ID, and hybrid identity integrations, you will analyze identity-related risks, detect misconfigurations, privilege escalation vectors, and lateral movement paths, and contribute to remediation strategies that strengthen the organization's identity posture.

As a key member of the Infrastructure Security team, you will collaborate with cloud, infrastructure, and security engineering teams, actively sharing knowledge and fostering a collaborative environment.

What will you do?

Within the Identity & Attack Path Management scope, we:


* Operate identity security and attack-path analysis solutions such as BloodHound, PingCastle, and equivalent platforms.


* Identify identity-related risks, misconfigurations, excessive privileges, and lateral movement vectors across AD, Entra ID, and hybrid identity environments.


* Perform continuous discovery and monitoring of identity exposures, high-risk objects, and structural directory weaknesses.


* Support incident, problem, and change processes related to identity and directory services.


* Analyze hybrid identity synchronization issues and collaborate with Cloud and Infrastructure teams to ensure secure, resilient, and compliant directory-services operations.


* Contribute to identity security baselines, remediation planning, and hardening initiatives that reduce the enterprise attack surface.

What qualifications will make you successful for this role?


* Candidates must possess a strong backg...