Industrial Cybersecurity Officer (f/m/d) for Product Management
About the Role
Location Germany Bayern Erlangen Remote vs. Office Hybrid (Remote/Office) Company Siemens Energy Global GmbH & Co. KG Organization Grid Technologies Business Unit Product Management Full / Part time Full-time Experience Level Experienced Professional A Snapshot of Your Day As our Industrial Cybersecurity Officer (f/m/d), you will lead cybersecurity activities for the Product Management Business Area Function. You will advise the leadership team and provide guidance to our global product and portfolio management in translating cybersecurity legislations, regulations and customer demands into practical security practices and recommendations. You collaborate with and coach cross-functional teams to integrate cybersecurity measures into the product, engineering and design tool development, testing, and release processes and internal digitalization programs. As part of a great and larger Industrial Cybersecurity community you have the opportunity for growth and best practice sharing. How You’ll Make an Impact
1. Develop and implement cybersecurity strategies and policies to enable the cyber resilience of our industrial products and solutions throughout their lifecycle, aligned with PLM processes, cybersecurity strategy and governance.
2. Advise and support the Product Portfolio, R&D and Software Development teams on resilient and cost-effective cybersecurity architectures and technologies.
3. Develop advanced protection concepts of OT and IT security in current development project ( based on ISO 27001, IEC62443, NIST).
4. Coach and support project teams through all steps of the product lifecycle and contribute to security related activities such as, Threat & Risk Analysis, project classifications, architecture review, Penetration Testing.
5. Identify experts’ resources gaps and shape the Product Management cybersecurity community.
6. Continuously assess cyber risks and propose adequate mitigations, including governance and processes improvements when deemed necessary.
7. Monitor and report on implementation of governance agreed strategy and Industrial Cybersecurity maturity.
8. Stay updated on changes in legislation and regulations, particularly the EU Cyber Resilience Act, NIST, and the US Executive Order, and ensure compliance of our products.
What You Bring
9. Degree or equivalent professional experience in computer science, cybersecurity, electronics, cybernetics, or a related field.
10. Several years of experience with at least one year in a specialized role related to Cybersecurity.
11. Proven experience in IT / OT cybersecurity architectures and technologies.
12. Broad understanding of product lifecycle management and secure development processes; familiarity with security standards and regulations such as IEC 62443, ISO 27001, NIST, NERC CIP are an advantage.
13. Motivated and able to self-organize and prioritize complex tasks in intercultural and global teams.
14. Certification in cybersecurity is an advantage, CISSP, GIAC GCIP, GIAC GICSP, GIAC GPEN, GIAC GCFA, CySa+ or similar.
15. Strong written, verbal and presentation skills, both in English and German.