- You will identify, assess, measure and monitor cybersecurity risks by performing hands-on risk assessments of processes and controls. Using your strong analytical skills, you will identify security gaps and explore further to find their root causes.
- As a valuable member of the assurance team, you prepare and conduct cybersecurity audits on Siemens IT systems, products, services, factories, and software development centers. During this process you highlight important observations and translate technical findings into management information so that management can take effective action. You also participate in closing meetings with the management team.
- In your new role you assess cybersecurity in Siemens’ most innovative products: from the product security features to the software development lifecycle and the respective software development environments.
- Moreover, you would be assessing the cybersecurity governance of Siemens internal organizations together with the team, including policy and processes in place such as incident handling and response, threat detection, vulnerability management, etc.
- You work closely with security experts from multiple industries to improve their solutions by tackling the root cause of the issues and finding innovative solutions to modern challenges.
- Strong academic history with a degree in IT, Computer Science or other related fields; certifications such as CISSP, CISA, CISM are a plus
- At least 2+ years of professional experience within Siemens or a related industry, or a ‘Big 4’ accounting firm or a consultancy in the fields of IT security audit and / or development of industrial IT services and solutions with a proven record of continuous career development.
- Demonstrated affinity to learn about the latest trends in cybersecurity and keep up to date in a continuously challenging environment.
- Good communication, presentation and project management skills and the drive to find innovative solutions and establish them in the CFA environment.
- Ideally you have experience in some of the following aspects: application and software security, cloud environments, IT general controls, industrial security controls, information security management systems (ISMS), network security, penetration testing, security architecture, SAP security
- Strong understanding of industry standards such as the NIST Cybersecurity Framework (e.g., NIST 800-53), ISO 27001/02, IEC 62443 and CIS Top 20 Critical Security Controls.
- Fluency in German and English; willingness to travel internationally up to 50% of your time, with experience in working in multicultural environments.
Organization: Controlling and Finance
Company: Siemens AG
Experience Level: Experienced Professional
Job Type: Full-time