Senior Cybersecurity 3rd Party Risk Management Specialist (f/m/d)

Job Description

Location: ERL S F
Department: GP CYS
Mode of Employment: Permanent / Full-time
Job Grade: Non Senior Management ERA-Entgeltgruppe 12

Make real what matters.

We provide the power to bring heat and light to our cities. We build highly efficient next generation turbines as well as on- and offshore wind turbines all over the world. We help our customers to save millions of tons of CO2 each year. That way we not only contribute, but actively drive the energy revolution for a better and greener future. For these and many other future projects, we need smart thinkers who bring skill, creativity, and dedication to the table. People like you! Experienced researchers who boldly broaden horizons. True specialists that do not lose sight of the big picture.

We tackle what really matters – take your next career step with us and make a difference.

What part will you play?
  • Join us as Sr. Cybersecurity 3rd Party Risk Management Specialist and perform security evaluations of 3rd parties’ security processes and provide recommendations to the business following a risk-based approach. Additionally, you will be responsible for developing risk mitigation strategies for IT- and business-led projects involving 3rd parties and ensuring compliance with relevant security policies and standards.
  • Drive strategic supplier selection through a comprehensive security evaluation.
  • Provide recommendations to the business, IT, legal, and procurement partners leading to suppliers’ approval decision.
  • Negotiate appropriate contract language with Siemens Energy and 3rd party legal counsel.
  • Drive implementation of relevant security measures across different platforms - on-premise, cloud platforms, mobile apps; ensure 3rd parties’ compliance with Siemens Energy Cybersecurity policies.
  • Coordinate penetration testing and remediation of the findings.
  • Plan and execute on-site security audits following the ISO27001 framework; document the audit findings, and drive remediation efforts.
  • Following a risk-based approach, ensure that security risks related to 3rd party engagements are identified, made transparent to the management team, and mitigated.
  • Address customer-initiated inquiries regarding Siemens Energy’s security posture.
  • Foster close collaboration with business, Procurement, IT, Product and Solution Security, and Legal teams.
What you need to make real what matters.
  • Bachelor’s or Master’s Degree in cybersecurity or relevant field.
  • 5+ years of experience managing 3rd party engagements.
  • Experience in cloud security, mobile app security and IT-relevant topics.
  • CISA or ISO27001 Lead Auditor certification desired.
  • Intercultural awareness and ability to work in cross-functional teams.
  • Fluency in English language (German will be an additional asset).
  • Personal initiative, quality and result orientation.
  • Analytical ability and strategic thinking.
  • Excellent communication skills.
  • Good knowledge of problem-solving methods and continuous improvement methods.
  • Ability to travel domestically and internationally up to 20% of time.
Make your mark in our exciting world at Siemens.

+49 (9131) 17-1717 - if you wish to discuss any initial questions with our recruitment team. - if you would like to find out more about jobs & careers at Siemens.

As an equal-opportunity employer we are happy to consider applications from individuals with disabilities.

Organization: Gas and Power

Company: Siemens Gas and Power GmbH & Co. KG

Experience Level: Experienced Professional

Job Type: Full-time
