Siemens
IT Cyber Analyst - US
Siemens, Plano, TX
We are a leading global software company dedicated to the world of computer aided design, 3D modeling and simulation - helping innovative global manufacturers design better products, faster! With the resources of a large company, and the energy of a software start-up, we have fun together while creating a world class software portfolio. Our culture encourages creativity, welcomes fresh thinking, and focuses on growth, so our people, our business, and our customers can achieve their full potential.
The primary responsibilities of this position are focused on ensuring that all departments meet International, Federal, State and Local compliance requirements. This includes providing direction and procedures to work groups to ensure that all departments can be certified in various Information Security, Cyber Security, and Data Privacy compliance certifications. Lead risk assessments and the implementation and review of control strategies. Perform internal audits to ensure compliance. Work with external auditor to provide requested information and ensure audit success.
• Directs programs, policies, and practices to ensure that all business segments and functions are in compliance with security, legal, human resources, financial and operational policy and reporting regulations.
• Supports information security and cyber security community collaboration and best practice sharing
• Develops organizational compliance strategies by contributing information, analysis, and recommendations to strategic thinking and direction of corporate objectives.
• Support deployment of application security across Software Development Lifecycle
• Support the Siemens DI SW Sec Ops strategy for SaaS and cloud products.
• Validate security roadmaps for each product group align with technical and business risk
• Support alignment of DevOps, RunOps and SecOps
• Demonstrates expertise in a variety of the SaaS and Cybersecurity concepts, practices, and procedures.
• Creates functional strategies and specific objectives for the sub-function and develops budgets/policies/procedures to support the functional infrastructure.
• Organizes and facilitates responses to customer requests for compliance information and/or compliance audits.
• Deep knowledge of the managed sub-function and solid knowledge of the overall departmental function. Typically requires 5+ years of managerial experience
• Implementation, operation and maintenance of the Information Security Management System based on the ISO 27001 standards, including certification.
• Understand, interpret, and apply requirements and controls across multiple frameworks including ISO 27000-series, SOC2, SSAE16/18, NIST CSF, CMMC, NIST 800-series, EU Cyber Resilience Act, NIS2, TISAX, CyberEssentials, MLPS 2.0 and others.
• Performs information security risk assessments and assess the control environment of the business processes and applications under review, including both manual and automated processes in accordance with the information security program
• Develop remediation and corrective action plans with related governance and operational functions (such as Physical Security/Facilities, Risk Management, IT, HR, Legal and Compliance) plus senior and middle managers throughout the organization as necessary
• Validate that common cloud CI/CD process pipeline is being used and deployed to new acquisitions.
• Support security incident management, security compliance monitoring and security event monitoring
• Develop supporting information security awareness, training, and educational material
Required Knowledge/Skills, Education, and Experience
• Bachelor's Degree preferably in Information Assurance, Risk Management, or Networking
• At least five years of working with ISO 27001:2013/2022, 27004:2016, 27005:2018, 27006:2015, 27017:2015, 27018:2019, 19011:2018, SSAE16/18, SOC2 Type 1 and 2, NIST CSF, 800-53, 800-171, 800-218, CMMC and expertise in applying the standards to office environments
• 3 to 5 Years of maintaining Information Security Management Systems (ISMS) in multi-site international environments
• At least five years in the field including at least one ISMS development and deployment
• Experience developing business centric policies and procedures based on the standards for a non-manufacturing environment
• Understanding of risk management, threat assessment and risk treatment actions is critical.
• Experience with cloud development and cloud deployment technologies
• Experience leading Risk assessments and Internal Audits
• Experience helping develop and deploy technical solutions to address risks
• Experience in combining requirements/controls from multiple frameworks into a single set of guidance
• Experience with cloud computing services (e.g., AWS and/or Azure)
• Experience with software development practices, particularly Agile practices, is a plus
• Security certifications in areas like CISA, CISM, CISSP, and AWS certified security a plus
• Proficient in MS Office (Word, Excel, PowerPoint, and Access)
• Demonstrated ability to recognize, evaluate, and recommend controls for workplace hazards
• Effective critical thinking and problem-solving skills
• Able to effectively communicate with senior management levels as well as being able to work in detail with product and security professionals
• Ability to get work done through a network of volunteers
• Ability to advise and consult pragmatically and professionally technical and non-technical colleagues
• Ability to influence decision makers through well founded presentations and discourse
• Excellent interpersonal, communication and analytical skills
• Well-developed writing skills, especially when creating clear and concise procedures
• Ability to manage multiple projects/tasks and work independently with minimal supervision
• Ability and desire to work remotely from peers and stakeholders
• Ability to work with people in different geographies and cultures
• Position requires up to 20% travel
Qualified Applicants must be legally authorized for employment in the United States, Canada, or the UK. Qualified Applicants will not require employer sponsored work authorization now or in the future for employment in any country.
Why us?
Working at Siemens Software means flexibility - Choosing between working at home and the office at other times is the norm here. We offer great benefits and rewards, as you'd expect from a world leader in industrial software.
A collection of over 377,000 minds building the future, one day at a time in over 200 countries. We're dedicated to equality, and we welcome applications that reflect the diversity of the communities we work in. All employment decisions at Siemens are based on qualifications, merit, and business need. Bring your curiosity and creativity and help us shape tomorrow!
Siemens Software. Transform the Everyday
The salary range for this position is $121,400 to $218,500 and this role is eligible to earn incentive compensation. The actual compensation offered is based on the successful candidate's work location as well as additional factors, including job-related skills, experience, and relevant education/training. Siemens offers a variety of health and wellness benefits to employees. Details regarding our benefits can be found here: www.benefitsquickstart.com. In addition, this position is eligible for time off in accordance with Company policies, including paid sick leave, paid parental leave, PTO (for non-exempt employees) or non-accrued flexible vacation (for exempt employees).
Equal Employment Opportunity Statement
Siemens is an Equal Opportunity and Affirmative Action Employer encouraging diversity in the workplace. All qualified applicants will receive consideration for employment without regard to their race, color, creed, religion, national origin, citizenship status, ancestry, sex, age, physical or mental disability unrelated to ability, marital status, family responsibilities, pregnancy, genetic information, sexual orientation, gender expression, gender identity, transgender, sex stereotyping, order of protection status, protected veteran or military status, or an unfavorable discharge from military service, and other categories protected by federal, state or local law.
Reasonable Accommodations
If you require a reasonable accommodation in completing a job application, interviewing, completing any pre-employment testing, or otherwise participating in the employee selection process, please fill out the accommodations form by clicking on this link: Accommodation for disability form. If you're unable to complete the form, you can reach out to our AskHR team for support at [redacted]. Please note our AskHR representatives do not have visibility of application or interview status.
EEO is the Law
Applicants and employees are protected under Federal law from discrimination. To learn more, Click here.
Pay Transparency Non-Discrimination Provision
Siemens follows Executive Order 11246, including the Pay Transparency Nondiscrimination Provision. To learn more, Click here.
California Privacy Notice
California residents have the right to receive additional notices about their personal information. To learn more, click here.