LET’S TALK ABOUT YOU
- University degree in Information Technology, Engineering or similar, preferably certificates such as ISO 27001 lead auditor, CISSP, CISA and CISM
- 5+ years of professional experience in IT security audit, Cybersecurity, risk management, penetration testing, operation of data centers and / or development of industrial IT services and solutions
- Profound knowledge of ISO 27001 and profound knowledge of some of the following: cybersecurity, cloud security, OT security, secure software development.
- One or more of the following certificates: ISO 27001 auditor, CISSP, CISA, CRISC and CISM.
- Experience with agile methods (SCRUM), IEC 62443 and software development processes.
- Additionally, you have knowledge of some of the following: cybersecurity, SAP security, SCADA/ICS, web application testing, cloud security, OT security, mobile security, IT general controls, data protection and information security requirements, industrial security controls, software development lifecycle, COBIT.
- As you act in an international environment, you are willing to travel and therefore demonstrate business-fluent English language skills (C1 level); German language skills are a plus.
- You have very good communication and presentation skills and are willing to learn about the latest trends in Cybersecurity and keep up to date in a continuously challenging environment.
- Furthermore, you bring multicultural sensitivity and innovative thinking with solid analytical skills.
- Planning and performing security analyses to ensure a baseline understanding of the IT & OT infrastructures & processes, as well as of the processes to develop products, solutions and services
- Preparing and conducting process assessments (ISO 27001 / IEC 62443) as well as coordinating friendly hacking activities on Siemens Energy assets with internal penetration testers
- Determining the company’s Cybersecurity risks together with internal stakeholders
- Supporting the business to remediate nonconformities found in ISO 27001 assessments and to defend the ISMS against external ISO auditors
- Discussing on an equal footing with security architects and solution providers to challenge their security assumptions and requirements as well as to improve their solutions whenever necessary
- Driving Cybersecurity improvement projects throughout the development and procurement lifecycle together with the stakeholders
- Identifying root causes of findings and assisting clients in developing improvement measures
- Participating in or leading project closing meetings with management, and coaching working students
Your opportunities for personal growth
- Working in an international team with all internal divisions and functions, gaining an excellent overview of the complete company.
- Taking functional responsibility for a team within the assessment and support projects.
LET’S TALK ABOUT US
"Let’s make tomorrow different today" is our genuine commitment at Siemens Energy to all customers and employees on the way to a sustainable future.
In our Business Functions we enable our organization to reach its targets by providing best-in-class services and solutions in the areas of IT, HR, Finance, Real Estate, Strategy & Technology and more.
Our department Assurance and Resilience Management is responsible for 2nd Line of Defense activities, challenging and supporting the business to become cybersecurity resilient, as well as for technical and non-technical Cybersecurity assessments (Red Team, process assessments).
Be Energized. Be you.
Lucky for us, we are not all the same. Through diversity we generate power. We run on inclusion and compassion. Our combined creative energy is fueled by at least 130 nationalities. Siemens Energy celebrates character – no matter what ethnic background, gender, age, religion, identity, or disability. We energize society. All of society.
Please attach your resume in English.