Siemens Mobility is a separately managed company of Siemens AG. As a leader in transport solutions for more than 160 years, Siemens Mobility is constantly innovating its portfolio in its core areas of rolling stock, rail automation and electrification, turnkey systems, intelligent traffic systems as well as related services. With digitalization, Siemens Mobility is enabling mobility operators worldwide to make infrastructure intelligent, increase value sustainably over the entire lifecycle, enhance passenger experience and guarantee availability.
Digitalization confronts many enterprises with great challenges and will change the processes immensely within the next years. Also, Siemens Mobility faces these tasks with our help.
We are shaping digitalization - through security
In the digital age, Cybersecurity is a basic prerequisite if companies are going to be able to protect their critical infrastructures and sensitive data and ensure uninterrupted business operations.
Thus, Cybersecurity is a top priority at Siemens Mobility. Our products, systems, and services adequately protect our customers’ data and equipment according to the current state-of-the-art. Yet, we also realize we can’t cover the entire field by ourselves. That’s why, in November 2017, we took the initiative and announced that we would join partners in industry, government, and society at the Munich Security Conference (MSC) to sign a Charter of Trust, publicize it, and encourage its general adoption.
Our vision is that for our society, customers and Siemens, we are the trusted partner in the digital world by providing industry leading Cyber security.
Together we make Cyber security real - because it matters.
In Siemens Mobility we are looking for a Cybersecurity Professional to join our Regional Cybersecurity Officers (CSO) Team, who accepts this task and stands beside our users at their transformation to a digital enterprise with his experience and enthusiasm. A passion for scrutiny.
Our cybersecurity officers are true professionals in terms of thinking outside the box. They explore every possibility when it comes to effective ways of deceiving, circumventing, and weakening IT systems so that they can protect them even more successfully. To this end, they ask questions that have no answers yet and look for gaps where hardly anyone would suspect them. This is crucial for digitalization! Join our team and we will foster your continuing professional development and an exchange with colleagues from all over the world. One thing is certain: your ideas will not be filed away, but almost always find their way into company practice. Worldwide. We make real what matters. This is your new role.
Here's where you make the difference
· Build a reporting strategy for the regions and provide regular Cybersecurity status and reports for the management and peers, share relevant information with stakeholders
· Participate in the measurement of the maturity level of Cybersecurity in the respective countries and regions based on pre-defined frameworks (e.g. KPIs, PSS Maturity, CMMI…)
· Assist in dentification and evaluation of cybersecurity risks and opportunities in the regions. Support relevant global security initiatives and reviews for M&A activities
· Actively support the regions in identifying critical assets, performing Business Impact Analysis and building Protection Concepts as part of our Asset Classification and Protection (ACP) process. Monitor progress of the ACP process in the regions
What you should have
- Use your skills to move the world forward.
- Academic background in relevant field.
- Sound knowledge in the area of Cyber Security with a focus in Risk, Vulnerability and Incident Management and Reporting.
- Knowledge of industry standards and frameworks like ISO27001, IEC62443, NIST, ENISA, etc.
- Up-to-date technical and hands-on knowledge, experience in current attack methods, detection strategies and use cases, how to resolve vulnerabilities, and manage incidents is a plus. An equal education or research program would be also sufficient.
- Knowledge in the areas of project management and consulting is a plus.
- Intercultural experience desirable, e.g. through travels and potentially a longer stay (few weeks) abroad.
- Ability to clearly present and communicate technical contexts, also to management.
- Relevant Cybersecurity certifications are a plus (CISSP, CISA, CISM, etc.)
- Professional level of English is required. Additional languages are an advantage.
What we can offer to you
The demand for mobility is growing all over the world. Transporting people and goods to all corners of the earth presents challenges for the infrastructure of national economies. This applies, in particular, to the transport and logistics facilities of cities: Will cities be able to solve the problems caused by increasing road traffic? Can public transportation help them avoid total gridlock? How can railway operators increase the efficiency, safety and security of their systems? How can rail and road traffic be integrated? How can logistics supply chains be further optimized as freight volumes continue to increase steadily?
The Mobility Division provides answers to all of these questions with its comprehensive portfolio; because modern, interconnected and IT-based mobility is the core competency of its business units. They have the know-how to make road traffic flow more smoothly and quickly, make trains more environmentally friendly and efficient, make train schedules and freight shipments more reliable. We work with our customers to develop optimal solutions to help overcome their challenges.
Organization: Siemens Mobility
Company: Siemens Rail Automation S.A.U.
Experience Level: Experienced Professional
Job Type: Full-time