Siemens Energy

A Snapshot of Your Day

The Supplier Cybersecurity Resilience Framework Specialist is responsible for developing and managing a comprehensive framework aimed at guiding assessors in helping third-party suppliers enhance their cybersecurity capabilities. This strategic role involves the development of standard processes, trend analysis, and the creation of resources and guidelines to facilitate supplier self-improvement in cybersecurity.

How You'll Make An Impact

• Create a repository of cybersecurity standard processes and materials assessors can demonstrate during supplier evaluations.
• Analyze trends from supplier assessments to identify common cybersecurity gaps and develop insights that inform framework enhancements. Support the production of training materials and standardized communication templates for assessors to effectively engage with suppliers on cybersecurity issues.
• Design self-assessment tools and checklists for suppliers to independently evaluate and improve their cybersecurity posture.
• Develop clear, actionable guidelines that outline the path for continuous cybersecurity improvement for suppliers. Collaborate with internal teams and partners to align the framework with organizational objectives and risk tolerance.
• Monitor regulatory changes and industry standards to ensure the framework reflects current cybersecurity requirements. Define and monitor key performance indicators to measure the effectiveness of the supplier cybersecurity development program.
• Engage with cybersecurity experts and industry groups to integrate the latest insights and practices into the framework.

What You Bring

• Bachelor’s degree in cybersecurity or in a related field. In addition, 5+ years of experience in cybersecurity, risk management, or a related area, with a strong understanding of third-party risk.
• Demonstrated experience in developing frameworks, or guidelines for cybersecurity or related areas.
• Strong analytical skills with the ability to identify trends and insights from data.
• Strong ability to craft clear and impactful training materials and mentor documents through written and verbal means!
• Knowledge of regulatory requirements and industry standards related to cybersecurity.
• Relevant certifications (such as CISSP, CISM, CRISC, or CISA) or relevant experience

Our Corporate and Global Functions are essential in driving the company's strategic initiatives and ensuring operational excellence across various departments, business areas, and regions. These roles support our vision to become the most valued energy technology company in the world. As part of our team, you contribute to our vision by shaping the global energy transition, partnering with our internal and external stakeholders, and conducting business responsibly and in compliance with legal requirements and regulations.