Siemens Energy

• Driving and continuously improving the vulnerability management process.
• Staying up to date with emerging security threats, vulnerabilities, and industry best practices to continuously improve our vulnerability management program.
• Assessing identified vulnerabilities by analyzing their severity, exploitability, and relevance to our company’s products and solutions.
• Collaborating with cross-functional teams to define and implement effective remediation strategies and action plans.
• Supporting the development of mitigation plans to address vulnerabilities by applying patches, implementing alternative safeguards, or facilitating risk acceptance decisions.
• Advising stakeholders on security best practices and providing recommendations for effective vulnerability treatment.
• Reporting on vulnerability findings, remediation efforts, and overall security posture to senior management and relevant stakeholders.

• A university degree in Cybersecurity, Information Technology, Computer Science, or a comparable field
• Profound experience in cybersecurity, product security or OT security, preferebly in the energy sectore. Experience with widely recognized OT cybersecurity standards, including ISA/IEC 62443, NIST SP 800-82, and ISO 27001 is preferred. Experience with regulatory compliance requirements specific to OT environments (e.g., NIS2 NERC CIP, EU Cyber Resilience Act) is highly welcome.
• Deep expertise in vulnerability management, including conducting assessments, performing security testing, and developing remediation strategies
• Deep understanding of common security vulnerabilities, attack vectors, and exploitation techniques. Hands-on experience with industry-standard vulnerability scanning techniques and tools (e.g., Nessus, Qualys, Burp Suite, OWASP ZAP)
• Familiarity with industry-standard SCA and SAST techniques and tools (BlackDuck, Snyk, SonarQube). Knowledge and experience with SCADA and Industrial Control Systems is preferred.
• Fluency in English and excellent communication and interpersonal skills, with the ability to collaborate across functions and convey technical concepts to non-technical stakeholders
• Relevant cybersecurity certifications such as CEH, OSCP, PNPT, GICSP, ISA/IEC 62443 Cybersecurity Expert are highly welcome.

At Siemens Energy, we are more than just an energy technology company. With ~100.000 dedicated employees in more than 90 countries, we develop the energy systems of the future, ensuring that the growing energy demand of the global community is met reliably and sustainably. The technologies created in our research departments and factories drive the energy transition and provide the base for one sixth of the world's electricity generation.

Our global team is committed to making sustainable, reliable, and affordable energy a reality by pushing the boundaries of what is possible. We uphold a 150-year legacy of innovation that encourages our search for people who will support our focus on decarbonization, new technologies, and energy transformation.      

• In addition to an attractive and competitive compensation package, you can expect a generous employer-funded retirement plan.
• We also offer the opportunity to become a shareholder in Siemens Energy at very favorable employee rates.
• Under our motto #BetterTogether, we provide our employees with the flexibility to work remotely or in the office. Our workspaces are designed to inspire collaboration and creativity, ensuring a fulfilling work environment.
• We are deeply committed to the professional and personal development of our employees.
• You will have the opportunity to learn and grow at your own pace, with access to a variety of appealing programs and initiatives.
• To support work-life balance, we offer a diverse range of options, including flexible working hours, childcare facilities at many locations, opportunities for part-time work, and even sabbaticals.