The Security and Compliance Practice team works within the Services Engineering organization and across the business to design, automate, and operate Siemens’s security and compliance capabilities.
As an Information Security Analyst on the Security and Compliance Practice team, you will be responsible for the design, implementation, and management of Siemens’s technical compliance capabilities. You will create and maintain solutions to uphold Siemens’s continuous compliance with a broad set of industry regulations, and drive compliance efforts to enable Siemens to enter increasingly regulated markets.
- Actively manage information security and risk according to internal compliance and regulatory requirements including governance, metrics, and compliance oversight of Siemens’s SDLC and Change Management programs
- Perform technical assessments and produce detailed artifact analysis to ensure that systems, applications, and processes are in compliance with Siemens’s internal security objectives and external regulatory requirements
- Collaborate with Engineers to define system baseline standards, and to maintain the efficiency and effectiveness of Siemens’s SDLC and Change Management programs
- Develop tools and documentation to support the standardization of Siemens’s security controls in a multi-cloud, multi-region ecosystem.
- Analyze security incidents, investigate, and conduct root cause analysis along with implementation of remediation.
- Conduct Access Reviews, Disaster Recovery Drills, and Risk Analysis/Security Audits.
- You have a BS or a minimum of 5 years of relevant industry experience.
- Strong Written and Verbal Communication skills
- Expert level knowledge and in-depth practical experience working with at least one defined compliance and regulatory standard (e.g. NIST, GDPR, HIPAA, ISO 27001, PCI DSS, SOX, others).
- Direct experience with Agile SDLC and Cloud software development technology, practices and teams.
- Experience successfully implementing tooling & instrumentation and/or automating routine or mundane processes with Python, Go, or similar scripting tools.
- Experience with Computer Forensics, Reverse Engineering, AWS Security Applications and Tooling.
- Familiarity with and exposure to other compliance and regulatory standards (e.g. FedRAMP/ITAR, GDPR, HIPAA, ISO 27001, PCI DSS, SOX) a plus.
- You want to work in a fast-paced, high-growth environment that values pragmatism and initiative.
- Ability to work with data restricted to US persons.
Desired Skills and Considerations:
- Knowledge of Siemens PLM Software a plus
- CNAB, automated delivery (SDM), and CI/CD get your pulse going.
- You’ve previously worked in a cloud-native or startup environment.
- You hold relevant industry certifications.
- Verbal communication is your cup of tea.
We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment.
Organization: Digital Industries
Company: Siemens Industry Software, S.A. de C.V.
Experience Level: Experienced Professional
Job Type: Full-time