A Snapshot of Your Day
Starting the morning, you will be discussing with colleagues from different areas and backgrounds what are the current important topics in our company and their related cyber risks that require assessments to be conducted and then work with them to build meaningful risk assessment plans. Before noon, you will have already engaged with business or IT colleagues to understand how they are performing controls and mitigating the risks you have identified priorly. In the end of the day, you will be finishing your report presentation showing the improvements points (if found) the identified risks partners will have to implement in order to mitigate them accordingly the expected.
There will also be days in which you support business areas such as factories, solutions development and corporate services to develop and implement business continuity plans, following specific templates and guidelines.
How You'll Make An Impact Supporting business and corporate areas to develop and implement business continuity plans in the case of disruptive cyber incidents.Planning and performing 2nd line of defense security assessments regarding IT and OT infrastructures, products, solutions, services and their related processes and controls.Supporting corporate and manufacture business areas certifying for ISO 27001 standard.Supporting business, IT and cybersecurity areas identifying cyber risks and defining their managing strategies.Supporting the business to remediate nonconformities found in ISO 27001 assessments and to defend the ISMS against external ISO Auditors.Discussing on eye-to-eye level with security architects and solution providers to challenge their security assumptions and requirements as well as to improve their solutions whenever necessary.Supporting friendly hacking team (Red Team) identifying assets as targets.Driving Cybersecurity improvement projects throughout the development and procurement lifecycle together with the partners.Identifying root causes of findings and assisting business and other functions in developing improvement measures. What You Bring University degree or equivalent experience in Information Technology, Engineering or similar; certificates such as ISO 27001 auditor, CISSP, CISA, Certification in Business Continuity Management (CITBCM), Certified Business Continuity Professional (CBCP) and CISM are considered a plus.5+ years of professional experience in either: Business Continuity, Disaster Recovery, Incident Management, IT audit, information security, cybersecurity, IT risk management, IT GRC, IT general controls.Knowledge of ISO 27001 and one or multiple of these: cybersecurity, IT governance, IT audit, COBIT, OT security (IEC 62443), secure software development lifecycle.Deep understanding of business continuity management concept and related processes such as business continuity plans, incident management, disaster recovery.Additionally, knowledge of some of the following is a plus: SCADA/ICS, cloud security, agile methodologies, mobile security, data protection, ITIL, network security.As you act in an international environment, you demonstrate business-fluent English language skills (English on a C1 level). German and Portuguese language skills are a plus.You have very good communication and presentation skills as well as are willing to learn about the latest trends in Cybersecurity and keep up to date in a continuously challenging environment.Furthermore, you bring multicultural sensitivity, innovative thinking with solid analytical skills. About The Team
We are a distributed team composed by people of all genders from different cultures, backgrounds and expertise passionate about helping our company identifying and handling its cyber risks as well as cyber securing its assets, products, solutions and costumers' infrastructure.
Since we are in a dynamic environment, we are willing to deal with changes and to investigate the unknown sometimes. Therefore, we support each other developing ourselves, and we are open to every kind of new insights and eager to test and validate them in order to succeed in this environment.
Who is Siemens Energy?
At Siemens Energy, we are more than just an energy technology company. We meet the growing energy demand across 90+ countries while ensuring our climate is protected. With more than 98,000 dedicated employees, we not only generate electricity for over 16% of the global community, but we're also using our technology to help protect people and the environment.
Our distributed team is dedicated to making reliable and affordable energy a reality by pushing the boundaries of what is possible while maintaining a balanced approach. We uphold a 150-year legacy of innovation that encourages our search for people who will support our focus on decarbonization, new technologies, and energy transformation.
Our Commitment to Diversity
Lucky for us, we are not all the same. Through diversity, we generate power. We run on inclusion and our combined creative energy is fuelled by over 130 nationalities. Siemens Energy celebrates character - no matter what ethnic background, gender, age, religion, identity, or disability. We energize society, all of society, and we do not discriminate based on our differences.
We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.
Rewards/Benefits Competitive salaryMeal allowanceFair monetary compensation when working abroadHealth insuranceRemote work allowed when in PortugalBesides the legal vacation period, if not working abroad, you can enjoy 5 pre-established "Pontes"If your birthday is on a weekday, and you are not abroad, we give you the day offFree shuttle to our Alfragide officeAmong others.
#J-18808-Ljbffr