We provide the power to bring heat and light to our cities. We build highly efficient next generation turbines as well as on- and offshore wind turbines all over the world. We help our customers to save millions of tons of CO2 each year. That way we not only contribute, but actively drive the energy revolution for a better and greener future. For these and many other future projects, we need smart thinkers who bring skill, creativity, and dedication to the table. People like you! Experienced researchers who boldly broaden horizons. True specialists that do not lose sight of the big picture. We tackle what really matters – take your next career step with us and make a difference.
What part will you play?
In your new position as a Senior Auditor, you plan and perform security analyses to ensure a baseline understanding of the IT & OT intrastructures, products, solutions and servcies landscape, the related processes, and controls (“2nd Line of Defense”).
Furthermore, you prepare and conduct process assessments (ISO 27001 / IEC62443) and coordinate friendly hacking activities on systems, products, solutions and services with internal and external personnel.
Very important is the technical expertise and network: you discuss on eye-to- eye level with security architects and solution providers to challenge their security assumptions and requirements as well as improve their solutions whenever necessary.
You design attack scenarios to jeopardize state-of-the-art technologies and provide evidences if they are vulnerable.
Another task is driving Cybersecurity improvement projects throughout the development and procurement lifecycle together with the stakeholders.
You use analytical skills to identify root causes of findings and assist clients in developing improvement measures.
Both participating or leading project closing meetings with management and coaching working students complete your area of responsibility.
What you need to make real what matters.
We are pleased to get to know you if you have a university degree in IT, computer science, engineering or other related fields.
You provide at least 5 years of professional experience within Siemens or a related industry in the fields of IT security audit, Cybersecurity, penetration testing, operation of data centers and / or development of industrial IT services and solutions.
You have experience with agile methods (SCRUM), IEC 62443, ISO 27001 and development processes. On top of that you bring the ISO 27001 lead auditor training and certification as a plus. Certifications such as OSCP, CEH, CISSP, CISA, CISM are another asset.
Additionally, you have profound knowledge of some of the following: Cybersecurity, SAP security, SCADA/ICS, web application testing, cloud security, OT security, mobile security, IT general controls, data protection and information security requirements, industrial security controls, software development lifecycle, COBIT as well as solid project management skills.
As you act in an international environment, you are willing to travel and therefore demonstrate business-fluent English language skills and German language skills are a plus.
You have very good communication, presentation and coaching skills as well as are willing to learn about the latest trends in Cybersecurity and keep up to date in a continuously challenging environment. Furthermore you bring multicultural sensitivity, innovative thinking with solid analytical skills and a self-guided way of working.
Make your mark in our exciting world at Siemens Energy.
Organization: Corporate Technology
Company: Siemens Energy Unipessoal Lda.
Experience Level: Experienced Professional
Job Type: Full-time