关于职务
Location
罗马尼亚
Bucuresti
- 国家: Portugal
- 国家: Israel
远程办公或公司办公
混合模式(远程办公/公司办公)
法律主体
Siemens Energy S.r.l.
组织机构
EVP Global Functions
业务部门
Digital Products and Solutions
全职/兼职
全职
经验水平
高级专业人士
A Snapshot of Your Day
The role of cybersecurity expert in a software engineering organization is vital to protect the company’s products and assets, ensuring compliance with laws, maintaining customer trust, and enhancing operational efficiency. With cybersecurity experts in place, DPS can navigate the complex threat landscape and focus on innovation. The expertise we are looking for spans beyond just defending against attacks—we need also help streamline development to foster a secure and efficient development environment, ensure regulatory compliance, and build a resilient infrastructure that supports long-term growth, trusted products and business success.
In this role, you will be reporting at n-1 level to the Head of Digital Products & Solutions, who is covering the VP position within the Global Functions organization at Siemens Energy.
Therefore, in this role you will work closely with all Product Owners and development specialists within DPS for execution, guidance and consulting. At the same time, you will workhand in hand with DPS management, Cybersecurity organization and Business owners for strategic discussion and governance alignment and application.
Gain overview about the overall architecture of solutions developed by DPS, evaluate it from Cybersecurity perspective, e.g., secure communication between Edge and Cloud, interfaces as well as products.
Report the strengths and weaknesses from a cybersecurity perspective, give ideas for improvement.
Help DPS organization becoming compliant with latest standards and methodologies (IEC62443, IEC27001, NERC CIP, …).
Improving / defining processes for patch management, update processes, lifecycle management and malware protection.
Support testers to define procedures for security testing.
Define and implement (with execution team support) Penetration Tests and other simulated exercise to check effectiveness of countermeasures, evaluate results and define way forward / corrective actions.
Guidelines for secure software development, e.g., secure coding guidelines, including training sessions for developers to make them aware of cybersecurity issues and how to avoid them.
Consult the teams in defining a secure system architecture and coding, secure network structures, secure data transmission, secure remote access, secure data storage and minimize/eliminate vulnerabilities in customer facing products in systematic and measurable way.
How You’ll Make an Impact
You will make an impact by Building a Security-Centric Culture to instill a security-first mindset across the entire organization with real direct impact on products and initiative.
- Being cyberattacks such as malware, ransomware, and denial-of-service attacks a constant threats, you will be key in identifying vulnerabilities in the software infrastructure, patching them, and minimizing risk.
- Implement security best practices like secure software development lifecycle (SDLC), vulnerability assessments, and threat intelligence.
- In the event of a breach or cyberattack, you will quickly identify the source and mitigate the damage, reducing downtime and data loss, ensuring incident reporting and recovery plans, enabling business continuity This can significantly save the company from revenue loss, loss of customer trust, and costly recovery operations and ultimately avoiding the erosion of customer confidence.
- You will directly influence the quality and security of software products.
- By embedding security practices into the development lifecycle, they ensure that software is resilient to attacks before it reaches the market. Guiding and instructing developers on secure coding practices, code review processes, and automated testing for vulnerabilities, a cybersecurity expert improves the software’s security. This proactive approach minimizes the chances of security flaws being discovered post-launch, leading to a reduction in patching costs and enhancing the product’s reputation for reliability.
- Our customers expect their data to be handled securely, especially in the context of cloud-based or SaaS (Software-as-a-Service) applications.
- A cybersecurity expert helps establish and maintain a strong security posture, which is critical to attracting and retaining customers.
- Multi-factor authentication (MFA), role-based access control, and data encryption will be common areas to address in our environment for application into our products.
- We operate in an environment with strict data privacy regulations. As cybersecurity senior expert you will ensure the company’s practices meet necessary compliance standards. Therefore, by understanding the legal and regulatory landscape you will help the company avoid costly fines and legal liabilities, creating protocols for data handling and ensure that any software products or services the company develops comply with relevant data protection laws.
- The intellectual property (IP) generated through code, algorithms, and proprietary solutions is often our most valuable asset. In your role you will ensure that this IP remains protected from theft, espionage, and data breaches. This can be achieved by deploying encryption, secure access protocols, and continuous monitoring systems to safeguard sensitive customer data, source code, and project documentation.
- By ensuring data is well-protected, we will prevent costly breaches that could damage the company’s reputation and result in legal or financial consequences
What You Bring
Education:
- Master’s degree in Computer Science or Information Technology or Information Systems or Cybersecurity or Network Engineering.
- Professional qualifications and certifications on cybersecurity methods are a welcome optional: COmpTIA, CISSP, CEH, CCNA, CISM and/or others including certifications from vendors (Microsoft, AWS, ..)
Working experience:
- At least 10 years of operational experience in cybersecurity
- Hands-on work and proven track record of success in implementing cybersecurity provisions for proactive defense as well as attack response in relation to software products and IT networks in large corporations.
- State of the art knowledge of cybersecurity fostered by several years of experience in a critical environment identified as a typical target for threats and attacks.
- Extensive proven experience in leading multi-disciplinary cyber program including: Governance risk and compliance, Application security, network security, awareness.
- Strong leadership and influencing skills including ability to mentor and growth people into the topic.
- Continuous learning attitude and passion for ever evolving challenges in a dynamic environment.
- Strong familiarity with the Cyber market, trends and technologies
About the Team
The Digital Products & Solutions organization is responsible for developing software solutions for both internal and external customers. These solutions include Edge Computing and applications, On-site sensor technology integration, Cloud-based platforms and cloud-based software solutions and applications.
The solutions, applications, and platforms we provide allow data acquired to be used to improve the operation and maintenance of power plants and industrial facilities of all sizes this includes the development of digital twins, analytics platforms and agents, artificial intelligent and machine learning applications and algorithms.
Who is Siemens Energy?
At Siemens Energy, we are more than just an energy technology company. We meet the growing energy demand across 90+ countries while ensuring our climate is protected. With more than 98,000 dedicated employees, we not only generate electricity for over 16% of the global community, but we’re also using our technology to help protect people and the environment.
Our global team is committed to making sustainable, reliable, and affordable energy a reality by pushing the boundaries of what is possible. We uphold a 150-year legacy of innovation that encourages our search for people who will support our focus on decarbonization, new technologies, and energy transformation.
Our Commitment to Diversity
Lucky for us, we are not all the same. Through diversity we generate power. We run on inclusion and our combined creative energy is fueled by over 130 nationalities. Siemens Energy celebrates character – no matter what ethnic background, gender, age, religion, identity, or disability. We energize society, all of society, and we do not discriminate based on our differences.
#LI-CL1