Siemens
IT Cyber Analyst - US
Siemens, Plano, TX
We are a leading global software company dedicated to the world of computer aided design, 3D modeling and simulation, helping innovative global manufacturers design better products, faster! With the resources of a large company, and the energy of a software start-up, we have fun together while creating a world class software portfolio. Our culture encourages creativity, welcomes fresh thinking, and focuses on growth, so our people, our business, and our customers can achieve their full potential.

The primary responsibilities of this position are focused on ensuring that all departments meet International, Federal, State and Local compliance requirements. This includes providing direction and procedures to work groups to ensure that all departments can be certified in various Information Security, Cyber Security, and Data Privacy compliance certifications. Lead risk assessments and the implementation and review of control strategies. Perform internal audits to ensure compliance. Work with external auditor to provide requested information and ensure audit success.

· Directs programs, policies, and practices to ensure that all business segments and functions are in compliance with security, legal, human resources, financial and operational policy and reporting regulations.
· Supports information security and cyber security community collaboration and best practice sharing
· Develops organizational compliance strategies by contributing information, analysis, and recommendations to strategic thinking and direction of corporate objectives.
· Support deployment of application security across the Software Development Lifecycle
· Support the Siemens DI SW Sec Ops strategy for SaaS and cloud products.
· Validate that security roadmaps for each product group align with technical and business risk
· Support alignment of DevOps, RunOps and SecOps
· Demonstrates expertise in a variety of the SaaS and Cybersecurity concepts, practices, and procedures.
· Creates functional strategies and specific objectives for the sub-function and develops budgets/policies/procedures to support the functional infrastructure.
· Organizes and facilitates responses to customer requests for compliance information and/or compliance audits.
· Deep knowledge of the managed sub-function and solid knowledge of the overall departmental function. Typically requires 5+ years of managerial experience
· Implementation, operation and maintenance of the Information Security Management System based on the ISO 27001 standards, including certification.
· Understand, interpret, and apply requirements and controls across multiple frameworks including ISO 27000-series, SOC2, SSAE 16/18, NIST CSF, CMMC, NIST 800-series, EU Cyber Resilience Act, NIS2, TISAX, CyberEssentials, MLPS 2.0 and others.
· Performs information security risk assessments and assesses the control environment of the business processes and applications under review, including both manual and automated processes in accordance with the information security program
· Develop remediation and corrective action plans with related governance and operational functions (such as Physical Security/Facilities, Risk Management, IT, HR, Legal and Compliance) plus senior and middle managers throughout the organization as necessary
· Validate that the common cloud CI/CD process pipeline is being used and deployed to new acquisitions.
· Support security incident management, security compliance monitoring and security event monitoring
· Develop supporting information security awareness, training, and educational material

Required Knowledge/Skills, Education, and Experience

· Bachelor’s Degree preferably in Information Assurance, Risk Management, or Networking
· At least five years of working with ISO 27001:2013/2022, 27004:2016, 27005:2018, 27006:2015, 27017:2015, 27018:2019, 19011:2018, SSAE16/18, SOC2 Type 1 and 2, NIST CSF, 800-53, 800-171, 800-218, CMMC and expertise in applying the standards to office environments
· 3 to 5 Years of maintaining Information Security Management Systems (ISMS) in multi-site international environments
· At least five years in the field including at least one ISMS development and deployment
· Experience developing business centric policies and procedures based on the standards for a non-manufacturing environment
· Understanding of risk management, threat assessment and risk treatment actions is critical.
· Experience with cloud development and cloud deployment technologies
· Experience leading Risk assessments and Internal Audits
· Experience helping develop and deploy technical solutions to address risks
· Experience in combining requirements/controls from multiple frameworks into a single set of guidance
· Experience with cloud computing services (e.g., AWS and/or Azure)
· Experience with software development practices, particularly Agile practices, is a plus
· Security certifications in areas like CISA, CISM, CISSP, and AWS certified security are a plus
· Proficient in MS Office (Word, Excel, PowerPoint, and Access)
· Demonstrated ability to recognize, evaluate, and recommend controls for workplace hazards
· Effective critical thinking and problem-solving skills
· Able to effectively communicate with senior management levels as well as being able to work in detail with product and security professionals
· Ability to get work done through a network of volunteers
· Ability to advise and consult pragmatically and professionally with technical and non-technical colleagues
· Ability to influence decision makers through well-founded presentations and discourse
· Excellent interpersonal, communication and analytical skills
· Well-developed writing skills, especially when creating clear and concise procedures
· Ability to manage multiple projects/tasks and work independently with minimal supervision
· Ability and desire to work remotely from peers and stakeholders
· Ability to work with people in different geographies and cultures
· Position requires up to 20% travel

Qualified
Applicants must be legally authorized for employment in the United States,
Canada, or the UK. Qualified Applicants
will not require employer sponsored work authorization now or in the future for
employment in any country.

Why us?

Working at Siemens Software means flexibility - Choosing between
working at home and the office at other times is the norm here. We offer great
benefits and rewards, as you'd expect from a world leader in industrial
software. A collection of over 377,000 minds building the future, one day at
a time in over 200 countries. We're dedicated to equality, and we welcome
applications that reflect the diversity of the communities we work in. All
employment decisions at Siemens are based on qualifications, merit, and
business need. Bring your curiosity and creativity and help us shape tomorrow! Siemens
Software. Transform the Everyday

The salary
range for this position is $121,400 to $218,500 and this role is eligible to
earn incentive compensation. The actual compensation offered is based on the
successful candidate’s work location as well as additional factors, including
job-related skills, experience, and relevant education/training. Siemens offers a variety of health and
wellness benefits to employees. Details regarding our benefits can be found
here: . In addition, this position is eligible for time off
in accordance with Company policies, including paid sick leave, paid parental
leave, PTO (for non-exempt employees) or non-accrued flexible vacation (for
exempt employees).

Equal Employment Opportunity Statement

Siemens is an Equal Opportunity and Affirmative Action Employer encouraging diversity in the workplace. All qualified applicants will receive consideration for employment without regard to their race, color, creed, religion, national origin, citizenship status, ancestry, sex, age, physical or mental disability unrelated to ability, marital status, family responsibilities, pregnancy, genetic information, sexual orientation, gender expression, gender identity, transgender, sex stereotyping, order of protection status, protected veteran or military status, or an unfavorable discharge from military service, and other categories protected by federal, state or local law.

Reasonable Accommodations

If you require a reasonable accommodation in completing a job application, interviewing, completing any pre-employment testing, or otherwise participating in the employee selection process, please fill out the accommodations form by clicking on this link: Accommodation for disability form. If you’re unable to complete the form, you can reach out to our AskHR team for support at 1-866-743-6367. Please note our AskHR representatives do not have visibility of application or interview status.

EEO is the Law

Applicants and employees are protected under Federal law from discrimination. To learn more, Click here.

Pay Transparency Non-Discrimination Provision

Siemens follows Executive Order 11246, including the Pay Transparency Nondiscrimination Provision. To learn more, Click here.

California Privacy Notice

California residents have the right to receive additional notices about their personal information. To learn more, click here.

Job ID: 422339
Company: Siemens Industry Software Inc.
Organization: Digital Industries
Job Family: Cybersecurity
Experience Level: Experienced Professional
Full Time / Part Time: Full-time
Remote vs Office: Hybrid (Remote/Office)
Contract Type: Permanent
Department: Cybersecurity