Senior Auditor ISO 27001, Assurance & Resilience Manager
We provide the power that brings heat and light to our cities. We build highly efficient next generation turbines as well as on and offshore wind turbines all over the world. We help our customers to save millions of tons of CO2 each year. That way we not only contribute, but actively drive the energy revolution for a better and greener future. For these and many other future projects, we need smart thinkers who bring skill, creativity, and dedication to the table. People like you! Experienced researchers who boldly broaden horizons. True specialists that do not lose sight of the big picture. We tackle what really matters - take your next career step with us and make a difference.
Plan and perform security analyses to ensure a baseline understanding of the IT & OT infrastructures, products, solutions and services landscape, the related processes, and controls (“2nd Line of Defense”)
Prepare and conduct process assessments (ISO 27001 / IEC 62443) and coordinate friendly hacking activities on systems, products, solutions and services with internal and external personnel
Technical expertise & network: engage as a peer with security architects & solution providers to challenge their security assumptions & requirements and improve their solutions whenever necessary
Design attack scenarios to jeopardize state-of-the-art technologies and provide evidence if they are vulnerable
Drive cyber security improvement projects throughout the development & procurement lifecycle together with the stakeholders
Use analytical skills to identify root causes of findings and assist clients in developing improvement measures
Participate in or lead project closing meetings with management
Required Knowledge/Skills, Experience, and Education
A minimum of Bachelor’s Degree in Information Technology, Computer Science, Engineering or related field.
A minimum of 5 years of professional experience within the fields of IT security audit, cybersecurity, penetration testing, operation of data centers and/or development of industrial IT services and solutions
Willingness to learn about the latest trends in Cybersecurity and keep up to date in a continuously challenging environment.
Experience with agile methods (SCRUM)
Experience with IEC 62443, ISO 27001 and development processes
Profound knowledge of some of the following: cybersecurity, SAP security, SCADA/ICS, Web application testing, Cloud security, OT security, mobile security, IT general controls, data protection and information security requirements, industrial security controls, software development lifecycle, COBIT
Solid project management skills, with experience in working in multicultural environments
Very good communication, presentation and coaching skills
Willingness to travel
Innovative with solid analytical skills, self-guided way of working
Applicants must be legally authorized for employment in the United States without need for current or future employer-sponsored work authorization.
Preferred Knowledge/Skills, Experience, and Education
ISO 27001 lead auditor training and certification a plus
German language skills a plus
Certifications like OSCP, CEH, CISSP, CISA, CISM preferred but not required
Siemens Gas and Power (GP) is a global pacesetter in energy, helping customers to meet the evolving demands of today’s industries and societies. GP comprises broad proficiencies across the entire energy value chain and offers a uniquely comprehensive portfolio for utilities, independent power producers, transmission system operators and the oil and gas industry. Products, solutions and services address the extraction, processing and the transport of oil and gas as well as power generation in central and distributed thermal power plants and power transmission in grids. With global headquarters in Houston in the U.S. and more than 64,000 employees in over 80 countries, Siemens Gas and Power has a presence across the globe and is a leading innovator for the energy systems of today and tomorrow, as it has been for more than 150 years.
Organization: Siemens Energy
Company: Siemens Energy, Inc.
Experience Level: Mid-level Professional
Job Type: Full-time
Equal Employment Opportunity Statement
Siemens is an Equal Opportunity and Affirmative Action Employer encouraging diversity in the workplace. All qualified applicants will receive consideration for employment without regard to their race, color, creed, religion, national origin, citizenship status, ancestry, sex, age, physical or mental disability unrelated to ability, marital status, family responsibilities, pregnancy, genetic information, sexual orientation, gender expression, gender identity, transgender, sex stereotyping, order of protection status, protected veteran or military status, or an unfavorable discharge from military service, and other categories protected by federal, state or local law.
EEO is the Law
Applicants and employees are protected under Federal law from discrimination.
Pay Transparency Non-Discrimination Provision
Siemens follows Executive Order 11246, including the Pay Transparency Nondiscrimination Provision.
California Privacy Notice
California residents have the right to receive additional notices about their personal information.