If you really want to make a difference - make it with us
Siemens Mobility is a separately managed company of Siemens AG. As a leader in transport solutions for more than 160 years, Siemens Mobility is constantly innovating its portfolio in its core areas of rolling stock, rail automation and electrification, turnkey systems, intelligent traffic systems as well as related services. With digitalization, Siemens Mobility is enabling mobility operators worldwide to make infrastructure intelligent, increase value sustainably over the entire lifecycle, enhance passenger experience and guarantee availability.
Digitalization confronts many enterprises with great challenges and will change the processes immensely within the next years. Also, Siemens Mobility faces these tasks with our help.
We are shaping digitalization - through security
In the digital age, Cybersecurity is a basic prerequisite if companies are going to be able to protect their critical infrastructures and sensitive data and ensure uninterrupted business operations.
Thus, Cybersecurity is a top priority at Siemens Mobility. Our products, systems, and services adequately protect our customers’ data and equipment according to the current state-of-the-art. Yet, we also realize we can’t cover the entire field by ourselves. That’s why, in November 2017, we took the initiative and announced that we would join partners in industry, government, and society at the Munich Security Conference (MSC) to sign a Charter of Trust, publicize it, and encourage its general adoption.
Our vision is that for our society, customers and Siemens, we are the trusted partner in the digital world by providing industry leading Cyber security.
Together we make Cyber security real - because it matters.
In Siemens Mobility we are looking for a Regional Cybersecurity Officer, who accepts this task and stands beside our users at their transformation to a digital enterprise with his experience and enthusiasm. A passion for scrutiny.
Our cybersecurity officers are true professionals in terms of thinking outside the box. They explore every possibility when it comes to effective ways of deceiving, circumventing, and weakening IT systems so that they can protect them even more successfully. To this end, they ask questions that have no answers yet and look for gaps where hardly anyone would suspect them. This is crucial for digitalization! Join our team and we will foster your continuing professional development and an exchange with colleagues from all over the world. One thing is certain: your ideas will not be filed away, but almost always find their way into company practice. Worldwide. We make real what matters. This is your new role.
Here's where you make the difference
• Implement Cybersecurity governance and guidance
• Empower and advise Cybersecurity roles in the region
• Ensure adequate awareness for Cybersecurity within the organization supporting the delivery of security skills training programs
• Provide regular Cybersecurity status and risk reports for the management
• Define regional Security requirements and regulations corresponding to the Cybersecurity Framework and provide them to the business for enacting
• Regularly measure and re-assess the maturity level of Cybersecurity in the respective organization based on the pre-defined procedures (e.g. KPIs, PSS Maturity, CMMI…). Check and improve the security level of internal applications and tools
• Providing advice, consulting and guidance on Cyber Security topics for internal and external projects and to other Mobility departments on request especially supporting the product managers, project managers, R&D heads and manufacturing heads in driving Product & Solution Security (PSS)
• Drive continuous improvement
• Support Information Security Management Systems based on ISO 27001:2013 and Product Security Management Systems based on IEC62443
• Support the design of security hardening concepts and its implementation for internal systems and networks, supporting security related initiatives and projects, evaluating required network connections, rulesets, etc.
• Following up and providing help on vulnerabilities and incidents with the administrators / end-users, where necessary
• Identify, describe, quantify and evaluate cybersecurity risks and opportunities
• Support adoption of best practice methodologies for design and delivery of security – inclusive of project classification, threat and risk analysis and technology to support vulnerability assessment.
What you should have
• Use your skills to move the world forward.
• Academic background in relevant field.
• Sound knowledge in the area of Cyber Security with a focus in Risk, Vulnerability and Incident Management and Reporting.
• Knowledge of industry standards and frameworks like ISO27001, IEC62443, NIST, ENISA, etc.
• Excellent up-to-date technical and hands-on knowledge, experience in current attack methods, detection strategies and use cases, how to resolve vulnerabilities, and manage incidents is a plus. An equal education or research program would be also sufficient.
• Knowledge in the areas of project work and consulting.
• Intercultural experience desirable, e.g. through travels and potentially a longer stay (few weeks) abroad.
• Ability to clearly present and communicate technical contexts, also to management.
• Relevant Cybersecurity certifications are a plus (CISSP, CISA, CISM, etc.)
• Professional level of English is required. Additional languages are a plus
Position will cover the Middle East & Africa region:
- Saudi Arabia
- South Africa + Malawi & Namibia
The demand for mobility is growing all over the world. Transporting people and goods to all corners of the earth presents challenges for the infrastructure of national economies. This applies, in particular, to the transport and logistics facilities of cities: Will cities be able to solve the problems caused by increasing road traffic? Can public transportation help them avoid total gridlock? How can railway operators increase the efficiency, safety and security of their systems? How can rail and road traffic be integrated? How can logistics supply chains be further optimized as freight volumes continue to increase steadily?
The Mobility Division provides answers to all of these questions with its comprehensive portfolio; because modern, interconnected and IT-based mobility is the core competency of its business units. They have the know-how to make road traffic flow more smoothly and quickly, make trains more environmentally friendly and efficient, make train schedules and freight shipments more reliable. We work with our customers to develop optimal solutions to help overcome their challenges.