Cybersecurity Expert for SW Products

A Snapshot of Your Day

The role of cybersecurity expert in a software engineering organization is vital to protect the company’s products and assets, ensuring compliance with laws, maintaining customer trust, and enhancing operational efficiency. With cybersecurity experts in place, DPS can navigate the complex threat landscape and focus on innovation. The expertise we are looking for spans beyond just defending against attacks—we need also help streamline development to foster a secure and efficient development environment, ensure regulatory compliance, and build a resilient infrastructure that supports long-term growth, trusted products and business success.

In this role, you will be reporting at n-1 level to the Head of Digital Products & Solutions, who is covering the VP position within the Global Functions organization at Siemens Energy.

Therefore, in this role you will work closely with all Product Owners and development specialists within DPS for execution, guidance and consulting. At the same time, you will workhand in hand with DPS management, Cybersecurity organization and Business owners for strategic discussion and governance alignment and application.

• Gain overview about the overall architecture of solutions developed by DPS, evaluate it from Cybersecurity perspective, e.g., secure communication between Edge and Cloud, interfaces as well as products.
• Report the strengths and weaknesses from a cybersecurity perspective, give ideas for improvement.
• Help DPS organization becoming compliant with latest standards and methodologies (IEC62443, IEC27001, NERC CIP, …).
• Improving / defining processes for patch management, update processes, lifecycle management and malware protection.
• Support testers to define procedures for security testing.
• Define and implement (with execution team support) Penetration Tests and other simulated exercise to check effectiveness of countermeasures, evaluate results and define way forward / corrective actions.
• Guidelines for secure software development, e.g., secure coding guidelines, including training sessions for developers to make them aware of cybersecurity issues and how to avoid them.
• Consult the teams in defining a secure system architecture and coding, secure network structures, secure data transmission, secure remote access, secure data storage and minimize/eliminate vulnerabilities in customer facing products in systematic and measurable way.
  
  

How You’ll Make An Impact

You will make an impact by Building a Security-Centric Culture to instill a security-first mindset across the entire organization with real direct impact on products and initiative.

• Being cyberattacks such as malware, ransomware, and denial-of-service attacks a constant threats, you will be key in identifying vulnerabilities in the software infrastructure, patching them, and minimizing risk.
• Implement security best practices like secure software development lifecycle (SDLC), vulnerability assessments, and threat intelligence.
• In the event of a breach or cyberattack, you will quickly identify the source and mitigate the damage, reducing downtime and data loss, ensuring incident reporting and recovery plans, enabling business continuity This can significantly save the company from revenue loss, loss of customer trust, and costly recovery operations and ultimately avoiding the erosion of customer confidence.
• You will directly influence the quality and security of software products.
• By embedding security practices into the development lifecycle, they ensure that software is resilient to attacks before it reaches the market. Guiding and instructing developers on secure coding practices, code review processes, and automated testing for vulnerabilities, a cybersecurity expert improves the software’s security. This proactive approach minimizes the chances of security flaws being discovered post-launch, leading to a reduction in patching costs and enhancing the product’s reputation for reliability.
• Our customers expect their data to be handled securely, especially in the context of cloud-based or SaaS (Software-as-a-Service) applications.
  
  

What You Bring

Education:

• Master’s degree in Computer Science or Information Technology or Information Systems or Cybersecurity or Network Engineering.
• Professional qualifications and certifications on cybersecurity methods are a welcome optional: COmpTIA, CISSP, CEH, CCNA, CISM and/or others including certifications from vendors (Microsoft, AWS, ..)
  
  

Working experience:

• At least 10 years of operational experience in cybersecurity
• Hands-on work and proven track record of success in implementing cybersecurity provisions for proactive defense as well as attack response in relation to software products and IT networks in large corporations.
• State of the art knowledge of cybersecurity fostered by several years of experience in a critical environment identified as a typical target for threats and attacks.
• Extensive proven experience in leading multi-disciplinary cyber program including: Governance risk and compliance, Application security, network security, awareness.
• Strong leadership and influencing skills including ability to mentor and growth people into the topic.
• Continuous learning attitude and passion for ever evolving challenges in a dynamic environment.
• Strong familiarity with the Cyber market, trends and technologies
  
  

About The Team

The Digital Products & Solutions organization is responsible for developing software solutions for both internal and external customers. These solutions include Edge Computing and applications, On-site sensor technology integration, Cloud-based platforms and cloud-based software solutions and applications.

The solutions, applications, and platforms we provide allow data acquired to be used to improve the operation and maintenance of power plants and industrial facilities of all sizes this includes the development of digital twins, analytics platforms and agents, artificial intelligent and machine learning applications and algorithms.

Who is Siemens Energy?

At Siemens Energy, we are more than just an energy technology company. We meet the growing energy demand across 90+ countries while ensuring our climate is protected. With ~100,000 dedicated employees, we not only generate electricity for over 16% of the global community, but we’re also using our technology to help protect people and the environment.

Our global team is committed to making sustainable, reliable, and affordable energy a reality by pushing the boundaries of what is possible. We uphold a 150-year legacy of innovation that encourages our search for people who will support our focus on decarbonization, new technologies, and energy transformation.

Find out how you can make a difference at Siemens Energy: https://www.siemens-energy.com/employeevideo

Our Commitment to Diversity

Lucky for us, we are not all the same. Through diversity, we generate power. We run on inclusion and our combined creative energy is fueled by over 130 nationalities. Siemens Energy celebrates character – no matter what ethnic background, gender, age, religion, identity, or disability. We energize society, all of society, and we do not discriminate based on our differences.

Rewards/Benefits

• An inclusive team culture where you can be yourself
• Opportunities to work on and lead a variety of innovative projects
• Enjoy a stable employment in a company with a long history in innovation and technology
• Seize individual development and training opportunities, from job specific to soft skills
• Welfare: flexible welfare programs and health insurance.
  
  

https://jobs.siemens-energy.com/jobs