As a leader in transport solutions, Siemens Mobility is constantly innovating its portfolio in its core areas of rolling stock, rail automation and electrification, turnkey systems, intelligent traffic systems as well as related services. With digitalization, Siemens Mobility is enabling mobility operators worldwide to make infrastructure intelligent, increase value sustainably over the entire lifecycle, enhance passenger experience and guarantee availability.
In the fourth industrial revolution, cybersecurity is a basic prerequisite if companies are going to be able to protect their critical infrastructures and sensitive data and ensure uninterrupted business operations. Thus, Cybersecurity is a top priority at Siemens Mobility. Our products, systems, and services adequately protect our customers’ data and equipment by leveraging state-of-the-art methods and technologies,Yet, we also realize we can’t cover the entire field by ourselves. Our commitment to cybersecurity is indisputable.As a result,we joined partners in industry, government, and society at the Munich Security Conference (MSC) to sign a Charter of Trust, publicize it, and encourage its general adoption.
We are looking for a Regional Cybersecurity Officer, who accepts this task and stands beside our users at their transformation to a digital enterprise with his or her experience, enthisiasim as well as a passion for scrutiny. As a Cybersecurity officer, you will be invited to think outside the box. You will explore every possibility when it comes to effective ways of deceiving, circumventing, and weakening IT systems so that they can protect them even more successfully. To this end, you will ask questions that have no answers yet and look for gaps where hardly anyone would suspect them. As an esteemend and respected member of the Global Cyber Security Team we will foster your continuing professional development and an exchange with colleagues from all over the world. One thing is certain: your ideas will not be filed away, but almost always find their way into company practice.
- Implement Cybersecurity governance and guidance
- Empower and advise Cybersecurity roles in the region
- Ensure adequate awareness for Cybersecurity within the organization
- Provide regular Cybersecurity status and risk reports
- Define regional Security requirements and regulations corresponding to the Cybersecurity Framework and provide them to the business for enacting
- Regularly measure and re-assess the maturity level of Cybersecurity in the respective organization based on the pre-defined procedures (e.g. KPIs, PSS Maturity, CMMI…)
- Supports external projects and to other Mobility departments on request
- Drive continuous improvement
- Support Information Security Management Systems based on ISO 27001:2013
- Support the design of security hardening concepts and its implementation
- Provide advice, consulting and guidance on Cyber Security topics and provide help on resolving vulnerabilities and incidents with the administrators / end-users, where necessary
- Check and improve the security level of internal applications and tools
- Support network security related initiatives and projects, evaluating required network connections, rulesets
- Support other departments with Cybersecurity questions and decisions, on request
- Collect information and improve Cyber Security management reporting
- Identify, describe, quantify and evaluate cybersecurity risks and opportunities
- Support Product Security Management Systems based on IEC62443
- Support the product managers, project managers, R&D heads and manufacturing heads in driving Product & Solution Security (PSS)
- Collaborate in the creation of appropriate processes and structures to maintain and increase security into products, solutions and services
- Support adoption of best practice methodologies for design and delivery of security – inclusive of project classification, threat and risk analysis and technology to support vulnerability assessment. Help collate information and report to the PSS head.
- Support the delivery of security skills training programs.
Required Knowledge/Skills, Education, and Experience
- 8- 10 years of experience of progressive responsibility as a cyber security professional in a large organization with a clear emphasis in manufacturing.
- Academic background in Information Systems, Technology or related field
- Sound knowledge in the area of Cyber Security with a focus in Risk, Vulnerability and Incident Management and Reporting.
- Knowledge of industry standards and frameworks like ISO27001, IEC62443, NIST, ENISA, etc.
- Excellent up-to-date technical and hands-on knowledge, experience in current attack methods, detection strategies and use cases, how to resolve vulnerabilities, and manage incidents is a plus. An equal education or research program would be also sufficient.
- Knowledge in the areas of project work and consulting.
- Ability to clearly present and communicate technical context to management.
- Professional level of English is required.
Qualified Applicants must be legally authorized for employment in the Unites States. Qualified Applicants will not require employer sponsored work authorization now or in the future for employment in the United States.
Preferred Knowledge/Skills, Education, and Experience
- Intercultural experience desirable, e.g. through travels and potentially a longer stay (few weeks) abroad.
- Ability to speak and read Spanish or Portuguese is a plus
- Relevant cybersecurity certifications are a plus (CISSP, CISA, CISM, etc.)
- Expereience and proficency with high domestic and international travel
Job ID: 179460
Company: Siemens Mobility, Inc
Experience Level: Mid-level Professional
Job Type: Full-time
Equal Employment Opportunity Statement
Siemens is an Equal Opportunity and Affirmative Action Employer encouraging diversity in the workplace. All qualified applicants will receive consideration for employment without regard to their race, color, creed, religion, national origin, citizenship status, ancestry, sex, age, physical or mental disability, marital status, family responsibilities, pregnancy, genetic information, sexual orientation, gender expression, gender identity, transgender, sex stereotyping, protected veteran or military status, and other categories protected by federal, state or local law.
EEO is the Law
Applicants and employees are protected under Federal law from discrimination. To learn more, Click here.
Pay Transparency Non-Discrimination Provision
Siemens follows Executive Order 11246, including the Pay Transparency Nondiscrimination Provision. To learn more, Click here.