Our Cybersecurity Third Party Risk Management team at Siemens Energy is looking for cybersecurity professionals to help us identify and manage our cybersecurity risks relating to supplier engagements around the world, providing stakeholders with the tools and insights to successfully manage and understand Siemens Energy’s Third Party Risk exposure.
The Cybersecurity Supplier Assessor will provide a key role assessing the control practices and posture of new and existing Third Parties, to identify potential cyber risks. They will make recommendations and influence decisions taking into consideration the suppliers security posture.
What part will you play?
- Plan and conduct cybersecurity reviews of business partners and third parties via activities such as self-assessment questionnaires and virtual / remote or onsite assessments.
- Prepare security assessment reports detailing assessment scope, conclusion and security assessment findings along with risk ratings, recommendation and required additional measures
- Ensure Cybersecurity risks pertaining to third parties are identified, documented, and transparent to relevant stakeholders.
- Work with third parties to track open findings and implementation status of additional measures through to closure and assist in the interpretation and support of the implementation where required.
- Report overdue action items to the asset owner and other relevant parties, e.g. Legal and Procurement as applicable.
- Partner with other Siemens Energy teams, to ensure the Third Party Risk Management Framework is successfully embedded.
- Identify and negotiate appropriate Cybersecurity contract clauses in 3rd party contracts.
What skills do you need to make real what matters
- Bachelor’s or Master’s Degree in cybersecurity or relevant field
- Knowledge of IT Risk and Security governance frameworks such as ISO 27001, NIST, and COBIT
- Desired Work Experience 3 to 5 years as an IT auditor or cybersecurity assessor
- CISA, CISM, CISSP, ISO 27001 Lead Auditor or comparable certifications preferred
- Ability to assess security risks, analysing and presenting critical risks and potential remediation activities to all levels of management within the business.
- Experience in cloud security
- Fluency in English language
- Fluency in German language desirable
- Intercultural awareness and ability to work in cross-functional teams
- Personal initiative, quality, and result orientation
- Analytical ability and strategic thinking
- Excellent communication skills
- Ability to travel domestically and internationally 20% of time
Who is Siemens Energy?
At Siemens Energy, we are more than just an energy technology company. We meet the growing energy demand across 90+ countries while ensuring our climate is protected. With more than 92,000 dedicated employees, we not only generate electricity for over 16% of the global community, but we’re also using our technology to help protect people and the environment.
Our global team is committed to making sustainable, reliable, and affordable energy a reality by pushing the boundaries of what is possible. We uphold a 150-year legacy of innovation that encourages our search for people who will support our focus on decarbonization, new technologies, and energy transformation.
Siemens Energy is an Equal Opportunity and Affirmative Action Employer encouraging diversity in the workplace. All qualified applicants will receive consideration for employment without regard to their race, color, creed, religion, national origin, citizenship status, ancestry, sex, age, physical or mental disability unrelated to ability, marital status, family responsibilities, pregnancy, genetic information, sexual orientation, gender expression, gender identity, transgender, sex stereotyping, order of protection status, protected veteran or military status, or an unfavorable discharge from military service, and other categories protected by federal, state or local law.