Cybersecurity 3rd Party Risk Management Specialist
Join us as a Cybersecurity 3rd Party Risk Management Specialist to evaluate 3rd parties’ security processes and provide recommendations to the business following a risk-based approach. Additionally, you will be responsible for developing risk mitigation strategies for IT and business-led projects involving 3rd parties and ensuring compliance with relevant security policies and standards.
What part will you play?
Drive strategic supplier selection through a comprehensive security evaluation
Provide recommendations to the business, IT, legal, and procurement partners leading to suppliers’ approval decision
Negotiate appropriate contract language with Siemens Energy and 3rd party legal counsels
Drive implementation of relevant security measures across different platforms - on-premise, cloud platforms, mobile apps; ensure 3rd parties’ compliance with Siemens Energy Cybersecurity policies
Coordinate penetration testing and remediation of the findings
Plan and execute on-site security audits following the ISO27001 framework; document audit findings, and drive remediation efforts
Following a risk-based approach, ensure that security risks related to 3rd party engagements are identified, made transparent to the management team, and mitigated
Address customer-initiated inquiries regarding Siemens Energy’s security posture
Foster close collaboration with business, Procurement, IT, Product and Solution Security, and Legal teams
Required Knowledge/Skills, Experience, Education
Bachelor’s degree in cybersecurity or a relevant field
5-8 years of experience working within cybersecurity with a focus on 3rd party risk assessment
Experience managing 3rd party engagements
Experience in cloud security, mobile app security and IT relevant topics
Intercultural awareness and ability to work in cross-functional teams
Fluency in English language
Personal initiative, quality and result orientation
Analytical ability and strategic thinking
Excellent communication skills
Good knowledge of problem-solving methods and continuous improvement methods
Ability to travel domestically and internationally up to 20% of time.
Applicants must be legally authorized for employment in the United States without need for current or future employer-sponsored work authorization.
Preferred Knowledge/Skills, Experience, Education:
Master’s degree in Cybersecurity or a relevant field
CISA or ISO27001 Lead Auditor certification desired
Working knowledge of German
Siemens Gas and Power (GP) is a global pacesetter in energy, helping customers to meet the evolving demands of today’s industries and societies. GP comprises broad competencies across the entire energy value chain and offers a uniquely comprehensive portfolio for utilities, independent power producers, transmission system operators and the oil and gas industry. Products, solutions and services address the extraction, processing and the transport of oil and gas as well as power generation in central and distributed thermal power plants and power transmission in grids. With global headquarters in Houston in the U.S. and more than 64,000 employees in over 80 countries, Siemens Gas and Power has a presence across the globe and is a leading innovator for the energy systems of today and tomorrow, as it has been for more than 150 years.
Organization: Siemens Energy
Company: Siemens Energy, Inc.
Experience Level: Mid-level Professional
Job Type: Full-time
Equal Employment Opportunity Statement
Siemens is an Equal Opportunity and Affirmative Action Employer encouraging diversity in the workplace. All qualified applicants will receive consideration for employment without regard to their race, color, creed, religion, national origin, citizenship status, ancestry, sex, age, physical or mental disability unrelated to ability, marital status, family responsibilities, pregnancy, genetic information, sexual orientation, gender expression, gender identity, transgender, sex stereotyping, order of protection status, protected veteran or military status, or an unfavorable discharge from military service, and other categories protected by federal, state or local law.
EEO is the Law
Applicants and employees are protected under Federal law from discrimination.
Pay Transparency Non-Discrimination Provision
Siemens follows Executive Order 11246, including the Pay Transparency Nondiscrimination Provision.
California Privacy Notice
California residents have the right to receive additional notices about their personal information.