Xavier DUMAS

[Ph.D][CISSP] Strategic Risk Management | Regulatory Compliance | Cybersecurity Manager at Schneider Electric

Greater Nice Metropolitan Area

About

Accomplished cybersecurity leader with over 15 years of experience driving security strategy across IT and OT environments. Proven track record in defining and implementing integrated cybersecurity frameworks aligned with IEC 62443 and GDPR, reducing organisational and customer risk exposure. Skilled in leading cross-functional teams, managing vulnerability management, incident response, and secure development lifecycle initiatives. CISSP-certified with a Ph.D. in Computer Science, combining deep technical expertise with strategic vision to ensure compliance, resilience, and innovation in complex environments. Adept at influencing executive stakeholders and fostering a culture of security awareness.

Experience

  • Cybersecurity Manager at Schneider Electric
    Jun 2019 - Present · 7 yrs 1 mo

    Defined and implemented cybersecurity governance framework aligned with IEC 62443 and GDPR, reducing compliance gaps on critical products and systems (PLCs, software, cloud, nuclear). Led a cross-functional project team in vulnerability management and incident response, mitigating critical risks within SLA. Integrated secure development lifecycle (SDLC) practices across product lines, improving security posture and reducing vulnerabilities. Conducted risk assessments for OT/IT environments, influencing strategic decisions and ensuring regulatory compliance. Managed supplier audits and legal assessments, strengthening third-party risk management.

  • Cybersecurity Expert at Capgemini
    Feb 2018 - May 2019 · 1 yr 4 mos

    Delivered SOC and SIEM optimisation projects, improving threat detection efficiency. Collaborated with the threat intelligence monitoring team, enhancing proactive risk mitigation. Collaborated with Red/Blue teams to strengthen security controls and detection capabilities.

  • CS Communication & Systèmes (10 yrs 5 mos)
    • Security Consultant
      Oct 2015 - Feb 2018 · 2 yrs 5 mos

      Security consultant for TISSEO. Performed security audits and penetration tests using tools such as Kali, Nexpose, Nessus, and Metasploit. Managed log monitoring and vulnerability management with Graylog, Elasticsearch, Snort, and Suricata. Delivered risk management strategies aligned with ISO 27001/ISO 27005.

    • Airbus Air Traffic Control Project Manager
      Nov 2011 - Oct 2015 · 4 yrs

      Directed development of critical embedded systems under DO-178C standards for A380/A350 programmes. Managed teams of 2–5 engineers, ensuring maintenance of aircraft air traffic control cockpit software. Led R&D initiatives on European projects, contributing to innovation in formal verification of embedded systems.

    • Software engineer
      Nov 2010 - Oct 2011 · 1 yr

      Focus on formal methods, critical embedded systems, and model transformation for safety and reliability.

  • Internship at ONERA
    Mar 2007 - Aug 2007 · 6 mos

    IDM-MDA: Model Transformation from AADL to AltaRica