ISO 27001 Audits / Penetration Tests Portfolio Manager (m/f/d)

Job Description

Securing the Future Enterprise Today

Whether in the field of Industry, Smart Infrastructure or Energy: Digitalization is simplifying many facets of life. Therefore, we need to manage the associated risks caused through Cybercriminals.

“Making an impact that matters!”, that’s the motto we live by. We at Siemens are continuously pushing the boundaries of sectors such as the Internet of Things (IoT), big data analytics, artificial intelligence (AI) and cloud technologies. However, with such digital innovations come unpredictable security challenges and vulnerabilities, thus increasing the risk of cyberattacks.

We’re looking for brilliant, ambitious gamechangers like you to join our team of experts. Together let’s create cutting-edge security solutions and infrastructures that protect our data and the digital assets of our customers. Help us tackle tomorrow’s challenges today!

Join us! Together we can make our digital world more secure.


We make real what matters. This is your role.

           Prepare and conduct penetration tests and ISO/IEC 27001 gap audits  (2nd Line of Defense)

           Coordinate friendly hacking activities on Siemens systems, products, solutions and services with internal and externals personnel

           Consult internal and external customers during the implemenation of an ISO/IEC 27001

           Use analytical skills to identify root causes of findings and assist clients in developing improvement measures

           Participate / lead project closing meetings with management

           Coach cybersecurity analysts and working students

Use your skills to move the world forward.

           Strong academic history (university degree in IT, Computer Science, Engineering or other related fields)

           At least 4-6 years of professional experience within Siemens or a related industry in the fields of IT security audit, Cybersecurity, penetration testing, operation of data centers and / or development of industrial IT services and solutions

           ISO 27001 lead auditor training and certification, Experience with IEC 62443

           Experience with agile methods (SCRUM), solid project management skills, with experience in working in multicultural environments

           Profound knowledge of some of the following: cybersecurity, SAP security, SCADA/ICS, Web application testing, mobile security, IT general controls, data protection and information security requirements, industrial security controls, software development lifecycle

           Very good communication, presentation and consulting skills

           German and English – language skills on C1

           Willingness to travel (up to 50%, mainly in Germany)

           Certifications like OSCP, CEH, CISSP, CISA, CISM preferred but not required

As an equal-opportunity employer we are happy to consider applications from individuals with disabilities.

#CTCYS #LI-DL #penetrationtest

Job ID: 184314

Organization: Corporate Technology

Company: Siemens AG

Experience Level: Experienced Professional

Job Type: Full-time

Can't find what you are looking for?

Let's stay connected

Can't find what you are looking for?