Full Job Description
The Security and Compliance Practice team works within the Services Engineering organization and across the business to design, automate, and operate Siemens’s security and compliance capabilities.
As an Information Security Analyst on the Security and Compliance Practice team, you will be responsible for the design, implementation, and management of Siemens’s technical compliance capabilities. You will create and maintain solutions to uphold Siemens’s continuous compliance with a broad set of industry regulations, and drive compliance efforts to enable Siemens to enter increasingly regulated markets.
Actively manage information security and risk according to internal compliance and regulatory requirements including governance, metrics, and compliance oversight of Siemens’s SDLC and Change Management programs
Perform technical assessments and produce detailed artifact analysis to ensure that systems, applications, and processes are in compliance with Siemens’s internal security objectives and external regulatory requirements
Collaborate with Engineers to define system baseline standards, and to maintain the efficiency and effectiveness of Siemens’s SDLC and Change Management programs
Develop tools and documentation to support the standardization of Siemens’s security controls in a multi-cloud, multi-region ecosystem.
Analyze security incidents, investigate, and conduct root cause analysis along with implementation of remediation.
Conduct Access Reviews, Disaster Recovery Drills, and Risk Analysis/Security Audits.
You have a BS or a minimum of 5 years of relevant industry experience.
Strong Written and Verbal Communication skills
Expert level knowledge and in-depth practical experience working with at least one defined compliance and regulatory standard (e.g. NIST, GDPR, HIPAA, ISO 27001, PCI DSS, SOX, others).
Direct experience with Agile SDLC and Cloud software development technology, practices and teams.
Experience successfully implementing tooling & instrumentation and/or automating routine or mundane processes with Python, Go, or similar scripting tools.
Experience with Computer Forensics, Reverse Engineering, AWS Security Applications and Tooling.
Familiarity and exposure to other compliance and regulatory standards (e.g. FedRAMP/ITAR, GDPR, HIPAA, ISO 27001, PCI DSS, SOX) a plus.
You want to work in a fast paced, high growth environment that values pragmatism and initiative.
Ability to work with data restricted to US persons.
Desired Skills and Considerations:
Knowledge of Siemens PLM Software a plus
CNAB, automated delivery (SDM), and CI/CD get your pulse going.
You’ve previously worked in a cloud-native or startup environment.
You hold relevant industry certifications.
Verbal communication is your cup of tea.
We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment.
Organization: Digital Industries
Company: Siemens Industry Software Inc.
Experience Level: Experienced Professional
Job Type: Full-time
Equal Employment Opportunity Statement
Siemens is an Equal Opportunity and Affirmative Action Employer encouraging diversity in the workplace. All qualified applicants will receive consideration for employment without regard to their race, color, creed, religion, national origin, citizenship status, ancestry, sex, age, physical or mental disability unrelated to ability, marital status, family responsibilities, pregnancy, genetic information, sexual orientation, gender expression, gender identity, transgender, sex stereotyping, order of protection status, protected veteran or military status, or an unfavorable discharge from military service, and other categories protected by federal, state or local law.
EEO is the Law
Applicants and employees are protected under Federal law from discrimination.
Pay Transparency Non-Discrimination Provision
Siemens follows Executive Order 11246, including the Pay Transparency Nondiscrimination Provision.
California Privacy Notice
California residents have the right to receive additional notices about their personal information.