Cybersecurity Governance Expert for internal compliance monitoring (m/f/d)
Siemens
Madrid, ES
hace 2 días

Making an impact that matters! , that’s the motto we live by. We at Siemens are continuously pushing the boundaries of sectors such as the Internet of Things (IoT), big data analytics, artificial intelligence (AI) and cloud technologies.

However, with such digital innovations come unpredictable security challenges and vulnerabilities, thus increasing the risk of cyberattacks.

Join us! Together we can make our digital world more secure. At Siemens there is an ongoing initiative to monitor and improve the security level in IT Systems and underlying infrastructure by monitoring their compliance with Siemens Cybersecurity policies.

Two main streams run in parallel to achieve this : A Cybersecurity training for admins, technical managers and business leaders in charge of applications and the infrastructure below.

This training compiles the most relevant cybersecurity body of knowledge, and it is tailored to each responsible role. An application to monitor in almost real-time the compliance to some of the mandatory Cybersecurity controls based on the input provided by different tools already in place (e.

g. vulnerability scan, patch management, CMDB, etc) and presenting a unified vision with an scoring system based on the risk level of the monitored applications.

The Cybersecurity Governance Expert for internal compliance monitoring will on the one hand be in charge for the maintenance and evolution of both the training artifacts (Driver’s Licence, consisting of wikis, web-based training, test questions, etc.

and the application for cybersecurity regulations compliance monitoring and reporting (Insight). The Cybersecurity Governance Expert is the person who functionally coordinates the team and all activities globally, ensuring the deliverables work / adhere to customer specifications.

The Cybersecurity Governance Expert is a very visible face to the customers (CCSOs). Together with the customers he develops the reporting and tool-landscape to meet their strategic goals and needs.

He / She etablishes and maintains a network of contacts within Siemens cybersecurity ecosystem in order to discuss and understand ongoing trends and challenges.

Based on that he / she develops the service further. While driving and developing the current operations of Drivers Licence and Insight the Expert will develop the services for the external market.

Example tasks to be performed as part of the job in the mentioned areas : Training : Coordinate with external or internal providers to maintain and evolve the Web-Based-Training material according to changes in content and provision Updating and adding current and new content to the training (both wikis and Web-Based-Training) to ensure the delivered content is aligned with updated cybersecurity policies and requirements (e.

g. after security policies or standards changes) as well as with latest technology developments. Tracking and monitoring the training progress and the number of accomplished trainings by all 3 roles (Asset Owner, Asset Manager, Admins).

Ensure the adequacy, completeness and validity of questions for the certification test as well as for linked artifacts (documents, wikis, etc.

with further information on how to deploy, maintain and handle the security controls (once this further information is built or discovered) Build up a network of contacts with all Siemens IT and business areas worldwide to be the trusted point of contact to locate new users for the training and awareness.

Become the single point of contact for all support requests of the 3 target groups. Insight Application : Application Owner and Manager for the compliance monitoring tool (INSIGHT) Interface towards Cybersecurity Community Customers in Siemens : Requirements gathering, analysis and prioritization Initiate and track adoptions to the tools to new security regulations or changes to existing ones.

Initiate and track review & integration of new internal security-relevant data sources to the monitoring tool. Coordination of external developers Sprint & release planning in coordination with Cybersecurity Reporting platform team Incident & problem Management : Support the resolution of bugs.

Developing documentation & training Building new and updating existing reports for different partners. Single point of contact to all user requests concerning the penalty point system and its consequences.

SPOC for Key User Community, user requests and communications. What do I need to qualify? Academic : · Computer science degree or related.

Master’s degree or similar in information security.· Passed exam for one or more security certifications like CISSP, CISM or similar would be valuable (not necessary currently holding the certification) Experience : Solid experience in the field cybersecurity.

Profound experience in Consulting business Several years of experience in functional / technical leading global teams and projects Profound experience in Service Development Profound experience in gathering and formalizing requirements.

Experience creating security awareness and training materials. Experience or knowledge in Agile methodology (usage of JIRA, Confluence).

Knowledge on ISO and NIST Cybersecurity Frameworks Experience in Software Lifecycle Management would be valuable. Knowledge on Industrial Security Frameworks would be valuable.

Skills : English and German fluent proficiency Strong customer orientation Strong communication skills. Creativity and innovation Interest and drive to continuously improve.

Join us! Together we can make our digital world more secure. Do you want to know more about Cybersecurity at Siemens? www.

siemens.com / cybersecurity www.siemens.com / careers / digitalminds - if you would like to find out more about Digital Minds at Siemens Make your mark in our exciting world at Siemens.

www.siemens.com / careers - if you would like to find out more about jobs & careers at Siemens. FAQ - if you need further information on the application process.

As an equal-opportunity employer we are happy to consider applications from individuals with disabilities. #cybersecurity #digitalminds #CTCYS #LI-DL Organization : Cybersecurity Company : Siemens AG Experience Level : Experienced Professional Job Type : Full-time

Reportar esta oferta
checkmark

Thank you for reporting this job!

Your feedback will help us improve the quality of our services.

Inscribirse
Mi Correo Electrónico
Al hacer clic en la opción "Continuar", doy mi consentimiento para que neuvoo procese mis datos de conformidad con lo establecido en su Política de privacidad . Puedo darme de baja o retirar mi autorización en cualquier momento.
Continuar
Formulario de postulación