- You will identify, assess, measure and monitor cybersecurity risks by performing hands-on risk assessments of processes and controls. Using your strong analytical skills, you will identify security gaps and explore further to find their root causes.
- As valuable member of the assurance team you prepare and conduct cybersecurity audits on Siemens IT systems, products, services, factories, and software development centers. During this process you highlight important observations, translate technical findings into management information so that they can take effective actions. You also participate in closing meetings with the management team.
- In your new role you are responsible for assessing cybersecurity in Siemens’ most innovative products: From the product security features, to the software development lifecycle and the respective software development environments.
- Moreover, you would be assessing the cybersecurity governance of Siemens internal organizations, including policy and processes in place such as incident handling and response, threat detection, vulnerability management, etc.
- You work closely with security experts from multiple industries to improve their solutions by tackling the root cause of the issues and find innovative solutions to modern challenges.
- Furthermore, you will drive new IT security related internal audit processes, tools and documentation improvements and coach junior cybersecurity analysts and working students
- Strong academic history with a degree in IT, Computer Science or other related fields; certifications such as CISSP, CISA, CISM are a plus
- At least 3 years of professional experience within Siemens or a related industry, or a ‘Big 4’ accounting firm in the fields of IT security audit and / or development of industrial IT services and solutions with a proven record of continuous career development.
- Demonstrated affinity to learn about the latest trends in cybersecurity and keep up to date in a continuously challenging environment.
- Strong communication, presentation and project management skills and the drive and to find innovative solutions and establish them in the CFA environment.
- Ideally you have experience in the following aspects: application and software security, cloud environments, IT general controls, industrial security controls, information management systems (ISMS), networks security, penetration testing, security architecture, SAP security
- Strong understanding of industry standards such as the NIST Cybersecurity Framework (e.g.,NIST 800-53), ISO 27001/02, IEC 62443 and CIS Top 20 Critical Security Controls.
- Fluency in English and willingness to travel internationally up to 80% of your time with experience in working in multicultural environments.
Organisation: Controlling and Finance
Unternehmen: Siemens AG
Erfahrungsniveau: Early Professional