CYBER SECURITY COORDINATOR FOR FOUNDATIONAL SERVICES TEAM - 403938Charlotte, NC
The Foundational Services (FDS) segment within Siemens Digital Industries is a business unit offering a broad range of digital Foundational Services for Siemens Xcelerator applications which help Siemens businesses to accelerate their products and service development lifecycles. Given that the Foundational Services are a backbone of such Siemens digital products and services, they offer a high degree of assurance about their quality and security which is achieved by adopting strong Quality Management, as well as strong Product and Information Security Management processes and practices.
In the current setup of FDS, there are several high-performance teams, each with varying levels of maturity in terms of Quality and Cyber Security Management. There is a need to adopt a unified Quality and Cyber Security Management approach to align these teams to a consistent set of quality and cyber security standards. A unified approach makes it easy to assess, measure and monitor continuous improvement of respective management systems and processes.
The role of the Cyber Security Coordinator is a key role to ensure an appropriate level of security for Siemens' future digital services based on Xcelerator. This role addresses candidates that want to use their existing profound IT-expertise e.g., coming from SW development, ITSM or IT security in a more consultative way and expand this ability by further practices like secure architecture, secure cloud and container management, SaaS process management, management communication etc.
The goal for applying this broad set of skills is to connect the IT experts and the management for building secure software and providing SaaS services via secure processes to customers. For this, we offer an interesting leading-edge technology and SaaS product environment forming a digital platform. Therefore, we need to increasingly manage the agility of the applications built on our stable and secure platform which requires your experience, innovative ideas, and your drive to mature.
Consequently, the selected candidate will be responsible for supporting the implementation, maintenance, and certification of respective cyber security management systems, using the day-to-day activities as described following.
This role is an individual contributor/expert role reporting into the Quality Management Lead. The selected candidate will be responsible for supporting the implementation, maintenance, and certification of respective cyber security management systems, in addition to day-to-day activities described below.
• You will be responsible to drive and coordinate the implementation, maintenance, and certification activities of an information security management system like ISO27001 and product & solutions security management systems like IEC62443-4 –1 for all FDS segments
• You will apply respective Siemens Cyber Security policy and guidelines
• You will work with the FDS management. the development and the operations teams to translate each cyber security control from different standards (for example ISO 27001, SOC, IEC62443, ...) into a set of procedures that the teams can execute and demonstrate value add in the process
• You will work with the FDS management, the development, and operations teams to routinely assess the maturity of each team against a common set of cyber security standards and requirements. Assessments shall be reported as a scorecard of well-defined KPIs and measures
• You, together with a representative of the development and operations teams, will work to understand and implement the Siemens Quality Gates effectively so the teams are assured of providing consistent, repeatable outcomes with every system change
• You will establish and lead a system of Management Reviews to provide accurate, adequate insights to the Leadership team on topics of Quality, Security and Processes
• You will coordinate and prepare routine internal audits and external certification audits with the management, the development, and operations teams
• You should be able to
o Communicate and consult with other security experts, developers, operations teams, development and operations managers, and the Leadership team
o Analyze data from the software development lifecycle to identify opportunities to eliminate waste and improve performance
o Produce measurable security objectives and indicators (KPIs) and report out on them
o Research - Maintain technical expertise in area of cyber security by following technical advances in industry and academia
o Perform research to determine possible technical solutions to long-term technical issues.
Required Knowledge/Skills, Education, and Experience:
• You have a Master / bachelor’s degree in natural scientific or technical studies (computer science or automation technology preferred)
• You have long-term work experience either in the software development lifecycle, IT/cyber-security, or IT service management
• Willingness to learn
• Familiarity with quality and security standards (ISO 9001, ISO27001, IEC 62443 ...)
• You have strong analytical and communication skills
• You are pro-active and result-oriented and understand the importance of implementing change one small step at a time (avoid large, disruptive changes)
• Proven experience in a similar role in previous jobs
Preferred Knowledge/Skills, Education, and Experience:
• Experience with cloud computing services (e.g., AWS and/or Azure)
• Experience with Agile software development practices
• Ability to work with people in different geographies and cultures
• NICE TO HAVE: Certified Lead Auditor in ISO 27001 or similar standards
Siemens Software. Transform the Everyday
The salary range for this position is $145,700 to $262,300 and this role is eligible to earn incentive compensation. The actual compensation offered is based on the successful candidate’s work location as well as,, additional factors, including job-related skills, experience, and relevant education/training. Siemens offers a variety of health and wellness benefits to employees. Details regarding our benefits can be found here: www.benefitsquickstart.com. In addition, this position is eligible for time off in accordance with Company policies, including paid sick leave, paid parental leave, PTO (for non-exempt employees) or non-accrued flexible vacation (for exempt employees).
Equal Employment Opportunity Statement
Siemens is an Equal Opportunity and Affirmative Action Employer encouraging diversity in the workplace. All qualified applicants will receive consideration for employment without regard to their race, color, creed, religion, national origin, citizenship status, ancestry, sex, age, physical or mental disability unrelated to ability, marital status, family responsibilities, pregnancy, genetic information, sexual orientation, gender expression, gender identity, transgender, sex stereotyping, order of protection status, protected veteran or military status, or an unfavorable discharge from military service, and other categories protected by federal, state or local law.
EEO is the Law
Applicants and employees are protected under Federal law from discrimination. To learn more, Click here.
Pay Transparency Non-Discrimination Provision
Siemens follows Executive Order 11246, including the Pay Transparency Nondiscrimination Provision. To learn more, Click here.
California Privacy Notice
California residents have the right to receive additional notices about their personal information. To learn more, click here.