If you really want to make a difference - make it with us
Siemens Mobility is a separately managed company of Siemens AG. As a leader in transport solutions for more than 160 years, Siemens Mobility is constantly innovating its portfolio in its core areas of rolling stock, rail automation and electrification, turnkey systems, intelligent traffic systems as well as related services. With digitalization, Siemens Mobility is enabling mobility operators worldwide to make infrastructure intelligent, increase value sustainably over the entire lifecycle, enhance passenger experience and guarantee availability.
Digitalization confronts many enterprises with great challenges and will change the processes immensely within the next years. Also, Siemens Mobility faces these tasks with our help.
We are shaping digitalization - through securityIn the digital age, Cybersecurity is a basic prerequisite if companies are going to be able to protect their critical infrastructures and sensitive data and ensure uninterrupted business operations.
Thus, Cybersecurity is a top priority at Siemens Mobility. Our products, systems, and services adequately protect our customers’ data and equipment according to the current state-of-the-art. Yet, we also realize we can’t cover the entire field by ourselves. That’s why, in November 2017, we took the initiative and announced that we would join partners in industry, government, and society at the Munich Security Conference (MSC) to sign a Charter of Trust, publicize it, and encourage its general adoption.
Our vision is that for our society, customers and Siemens, we are the trusted partner in the digital world by providing industry leading Cyber security.
Together we make Cyber security real - because it matters.
In Siemens Mobility we are looking for a RegionalCybersecurity Officer, who accepts this task and stands beside our users at their transformation to a digital enterprise with his experience and enthusiasm. A passion for scrutiny.
Our cybersecurity officers are true professionals in terms of thinking outside the box. They explore every possibility when it comes to effective ways of deceiving, circumventing, and weakening IT systems so that they can protect them even more successfully. To this end, they ask questions that have no answers yet and look for gaps where hardly anyone would suspect them. This is crucial for digitalization! Join our team and we will foster your continuing professional development and an exchange with colleagues from all over the world. One thing is certain: your ideas will not be filed away, but almost always find their way into company practice. Worldwide. We make real what matters. This is your new role.
Here's where you make the difference
- Empower and advise Cybersecurity roles in the region
- Ensure adequate awareness for Cybersecurity within the organization
- Provide regular Cybersecurity status and risk reports
- Define regional Security requirements and regulations corresponding to the Cybersecurity Framework and provide them to the business for enacting
- Regularly measure and re-assess the maturity level of Cybersecurity in the respective organization based on the pre-defined procedures (e.g. KPIs, PSS Maturity, CMMI…)
- Providing advice, consulting and guidance on Cyber Security topics for internal and external projects and to other Mobility departments on request
- Drive continuous improvement
- Specific Information Security activities
- Support Information Security Management Systems based on ISO 27001:2013
- Support the design of security hardening concepts and its implementation
- Following up and providing help on vulnerabilities and incidents with the administrators / end-users, where necessary
- Check and improve the security level of internal applications and tools
- Support of network security related initiatives and projects, evaluating required network connections, rulesets
- Supporting other departments with questions and decisions, on request
- Collecting information and improving the Cyber Security management reporting
- Identify, describe, quantify and evaluate cybersecurity risks and opportunities
- Specific Product and Solution Security activities
- Support Product Security Management Systems based on IEC62443
- Support the product managers, project managers, R&D heads and manufacturing heads in driving Product & Solution Security (PSS)
- Collaborate in the creation of appropriate processes and structures to maintain and increase security into products, solutions and services
- Support adoption of best practice methodologies for design and delivery of security – inclusive of project classification, threat and risk analysis and technology to support vulnerability assessment. Help collate information and report to the PSS head.
- Support the delivery of security skills training programs.
What you should have
- Use your skills to move the world forward.
- Academic background in relevant field.
- Sound knowledge in the area of Cyber Security with a focus in Risk, Vulnerability and Incident Management and Reporting.
- Knowledge of industry standards and frameworks like ISO27001, IEC62443, NIST, ENISA, etc.
- Excellent up-to-date technical and hands-on knowledge, experience in current attack methods, detection strategies and use cases, how to resolve vulnerabilities, and manage incidents is a plus. An equal education or research program would be also sufficient.
- Knowledge in the areas of project work and consulting.
- Intercultural experience desirable, e.g. through travels and potentially a longer stay (few weeks) abroad.
- Ability to clearly present and communicate technical contexts, also to management.
- Relevant Cybersecurity certifications are a plus (CISSP, CISA, CISM, etc.)
- Professional level of English is required.
- Additional languages region specific
What we can offer to you(country specific)
North & Latin America (NAM & LAM)
- Dominican Republic
Great Britain & Ireland (GBI)
- United Kingdom
North-East Europe (NEE)
- Austria + Bulgaria, Croatia, Hungary, Romania, Serbia, Slovakia & Slovenia
- Czech Republic
- Finland + Estonia, Latvia & Lithuania
- Russia + Kazakhstan
South-West Europe (SWE)
- Belgium + Luxembourg
- France + Algeria, Morocco & Tunisia
- Portugal + Angola & Mozambique
Middle East & Africa
- Saudi Arabia
- South Africa + Malawi & Namibia
Asia Pacific & China (ASP & CHN)
- Australia + New Zealand
- Hong Kong
The demand for mobility is growing all over the world. Transporting people and goods to all corners of the earth presents challenges for the infrastructure of national economies. This applies, in particular, to the transport and logistics facilities of cities: Will cities be able to solve the problems caused by increasing road traffic? Can public transportation help them avoid total gridlock? How can railway operators increase the efficiency, safety and security of their systems? How can rail and road traffic be integrated? How can logistics supply chains be further optimized as freight volumes continue to increase steadily?
The Mobility Division provides answers to all of these questions with its comprehensive portfolio; because modern, interconnected and IT-based mobility is the core competency of its five business units: Mobility Management, Turnkey Projects & Electrification, Mainline Transport, Urban Transport and Customer Services. They have the know-how to make road traffic flow more smoothly and quickly, make trains more environmentally friendly and efficient, make train schedules and freight shipments more reliable. We work with our customers to develop optimal solutions to help overcome their challenges.
Job ID: 123756
Company: Siemens Rail Automation S.A.U.
Experience Level: Experienced Professional
Job Type: Full-time