The world never stands still. And new challenges arise every day. With a passion for questioning things, for supplying ideas, and intelligently driving things forward we are helping society move towards a more intelligent future. Be it with technologies that reduce carbon emissions in cities or hyperintelligent robots. This is how we are able, to tackle the most important projects and push them forward together. Help us shape the future.
With our innovative and integrated technology we support our customers in continuously improving the reliability, safety, and efficiency of products, processes and plants.Can you help us shape the future? We’re looking for dedicated people with the skills and vision to build a better tomorrow. Join our Product & Solution Security Professional team and help us create the technology that will transform entire industries, cities and even countries.
Change the future with us !
Job Description: Responsible of Product Security for Siemens digitalization/IIOT solutions. must have at least 08+ years of domain experience in securing IT, OT/ IIOT and digitalization systems having expert knowledge in Critical infrastructure relevant cyber-security standards such as IEC 62443 series, NERC CIP, NIST 800-82 and BDEW and must have implemented security for products and solutions complying to these standards.
1. Takeover of full ownership and accountability to manage the cybersecurity in development and deployment of Sensproducts.
2. Understanding associated ICS environment and carry out IEC 62443 assessment and recommend mitigation strategy.
3. Leading the implementation of controls to comply with standards such as IEC 62443 for IoT devices in both cloud-connected and on-prem solutions together with Partners, to create secure by design Sensproducts.
4. Establish and maintain automated mechanisms of prevent, detect, contain, mitigate and fine-tuning strategies in IIoT environment.
5. Regular auditing and proving compliance to concerned standards, best practices, and regulations for ICS environment.
6. Appraising management regarding trends of improvements in compliance. Flagging the foreseeable risk and possible mitigation. Advise management of further enhancement and roadmap to be forerunner in ICS cybersecurity.
7. Identifying security tools, partners/ agencies to implement security controls, audits, and possible standards certifications for Sensproducts.
8. Interacting with the software/ hardware product management and R&D teams, influence secure development of products and software interfaces and assure full compatibility between existing cybersecurity posture of Sensproducts.
9. Constantly monitoring the market and the technologies to identify improvement opportunities in security mechanisms of Sensproducts, cost-out initiatives, and alternative technologies to improve our cost position, quality, and security standards
10. Working on an agile environment and identify new opportunities in cybersecurity and translate them into hands-on concepts and standards contributing to the IoT adoption of our customers.
Required Skills and Experience
• University degree in computer science/ information science, mechanical- or electrical engineering or comparable education with overall experience of 10-14 years.
• Good (min.8 years) experience in cybersecurity, both OT and IT.
• Strong experience with offensive security (IT and OT). Strong knowledge of exploitation techniques and measures to prevent them.
• Experience in security assessment of industrial control systems such as PLCs, RTUs, HMIs, Gateways, PAC drives, industrial switches, cybersecurity tools related to OT.
• Experience in automation protocols such as Modbus Serial/ TCP, OPC UA, IEC 61850, MQTT, DNP3 etc.
• Experience in security mechanisms such as crypto, TPM, HSM, PKI infrastructure in IIoT/ IoT environment. Strong knowledge on secure architecture of IoT device.
• Should be well versed with common ICS cybersecurity risks encountered in all levels of Purdue reference architecture (ISA 95), in electrical utilities.
• Understands Thick client, Web, mobile applications (iOS and Android) and their secure integration with OT products/ solutions.
• Strong understanding of security with wireless communication protocols, used in IIoT environment – WiFi, BLE, ZB, ZW, NB-IoT, LoRA.
• Strong understanding of regulatory requirements such as NERC CIP, BDEW etc., pertaining to electrical utilities.
• Experience of risk assessment of industrial automation and control system as per IEC 62443 standard. Experience in design and recommend controls to mitigate identified risks during assessments of industrial automation and control systems in electrical utilities.
• Understanding of AWS Cloud security will be given preference.
• Professional certifications such as OSCP, CISSP, IEC 62443 Cybersecurity Expert, GICSP, GPEN.
• Strong cybersecurity management capabilities by delivering high impact projects on time and budget.
• Ability to handle cybersecurity team in supporting and guiding them technically.
• Fluent business English and a team player, who likes to work in international teams and manufacturing locations, partners, suppliers
We’ve got quite a lot to offer. How about you?
This role is based in Gurgaon. You’ll also get to visit other locations in India and beyond, so you’ll need to go where this journey takes you. In return, you’ll get the chance to work with teams impacting entire cities, countries – and the shape of things to come.
We’re Siemens. A collection of over 379,000 minds building the future, one day at a time in over 200 countries. We're dedicated to equality, and we encourage applications that reflect the diversity of the communities we work in. All employment decisions at Siemens are based on qualifications, merit and business need. Bring your curiosity and creativity and help us craft tomorrow.
Find out more about Siemens careers at: www.siemens.com/careers
Company: Siemens Technology and Services Private Limited
Experience Level: Experienced Professional
Job Type: Full-time