Join our Global Cybersecurity Governance team which is responsible for providing a common Cybersecurity Policy Framework across the Siemens business units worldwide.
We at Siemens are more than employees: We are actively helping to make people’s lives a little better every day. Would you like to be a part of that? Then join us. We offer you a high level of practical relevance as well as an opportunity to individually contribute with your knowledge and your visions around the world. At Corporate Technology you’ll be working in the heart of Siemens’ technological research together with the best.
We make real what matters. This is your role:
The Cybersecurity Governance Specialist will provide Cybersecurity leadership, governance, support and consulting services for the Siemens business units worldwide. This position will be a key resource in the development and execution of continuous improvements to all aspects of the company’s Cybersecurity program, with a special focus on developing future-state cybersecurity technical hardening guides and control objectives as well as maintaining Cybersecurity policy, control objectives and standards, as well supporting corporate projects for improving Cybersecurity. This role is responsible to understand and drive the Siemens Corporate Cybersecurity Policy Framework which is fully auditable and compliant with ISO 27001.
Essential functions include, but are not limited to:
- Develop future-state cybersecurity technical hardening guides and control objectives
- Support automation of the implementation of technical hardening guides (improve existing methodology, create scripts)
- Support creation of scan policies to proof that systems comply to technical hardening guides (e.g. by scripts)
- Plan for future-state Cybersecurity policies and control objectives.
- Support projects to maintain compliance with regulatory, contractual and internal requirements.
- Annual review and maintenance of Cybersecurity policies, control objectives and standards.
- Train Siemens Cybersecurity Community to understand Siemens Cybersecurity Policy Framework.
- Consult with IT and Business Units to ensure alignment of Cybersecurity policies, control objectives and standards with business needs.
- Consult with IT and Business Units in adapting operational procedures to comply with Cybersecurity policies, control objectives and standards.
Use your skills to move the world forward:
- Master’s degree or similar in Cybersecurity, computer science or engineering.
- 4-6 years of experience in hardening of IT systems.
- Good knowledge of Security Content Automation Protocol (SCAP), Open Vulnerability and Assessment Language (OVAL), and Extensible Configuration Checklist Description Format (XCCDF)
- Good knowledge of JSON, YAML, and Markdown.
- Successful experience establishing governance standards for Information Technology.
- Good knowledge to create scripts for configuring IT systems for at least one of the following technologies:
- Windows (GPOs, Registry Settings, PowerShell, MS Intune)
- Linux (Bash scripts, Ansible)
- Databases (Oracle, MS SQL Server)
- Webservers (Apache, IIS)
- Experience in using version control systems, e.g. git would be valuable
- Solid experience with governance frameworks (ISO, NIST, COBIT, etc.) are a plus.
- Knowledge on Industrial Security Frameworks would be valuable.
- Experience dealing with Cybersecurity in OT Environments would be valuable.
- English fluent proficiency both written and spoken, German is a plus.
- Exceptional communication skills, including the ability to gather relevant data and information, actively listen, dialogue freely, verbalize ideas effectively, negotiate tense situations successfully, and manage and resolve conflict.
- Ability to create and maintain wide networks within an organization.
- Interest and drive to continuously improve.
- Must excel working in team-oriented roles that rely on ability to collaborate with others.
La Diversidad en Siemens es nuestra fuente de creatividad e innovación. Contar con diferentes tipos de talento y de experiencias nos hace ser más competitivos y estar mejor preparados para responder con éxito a las demandas de la Sociedad. Por ello, valoramos a las candidatas y a los candidatos que reflejen la Diversidad que disfrutamos en nuestra Compañía.
#LI-DL #CTCYS GOV-POL-5
Organization: Corporate Technology
Company: Siemens Holding S.L.
Experience Level: Experienced Professional
Job Type: Full-time