Cybersecurity governance, Vulnerability management, Risk and threat analysis, IT governance and compliance, incident handling
Key Responsibility
Maintain IT asset repository in the central tools (FutureNow, ITAM, ACP, etc.). Assess security risks and perform business impact assessment on applications and systems.
Checking and aligning the critical IT assets as per the Siemens Infosec Guidelines.
Assist location team (project owners) to complete cybersecurity due diligence for any new project.
Responsible for preparing protection strategies for critical IT applications in close coordination with application owner/manager, CYS, IT and data protection teams.
Responsible for conducting cybersecurity due diligence on SRE IT assets, in collaboration with the local CYS and IT teams for new projects.
You support Supplier Risk Management (internal and external)
Monitoring IT assets and coordinating with responsible stakeholders to maintain data quality and ensure the assets are compliant with the Siemens IT Standards.
Responsible for maintaining and updating the documents of all IT assets.
SPOC for central SRE CYS for Siemens Energy.
Support incident handling, annual reviews, audits, and other activities, as needed, on behalf of SRE.
Collaborating with internal and external stakeholders to ensure that cybersecurity policies and procedures are aligned with business objectives and regulatory requirements.
Periodic assessment of systems & processes for adherence to all above points.
Supporting local site team to manage IT assets and vulnerabilities.
Periodic status update and reporting to SRE management.
Ensure full adherence to local statutory regulations and local laws (data privacy).
Implementation of Zero Trust enablement for SRE IT applications
Ensure Zero cybersecurity vulnerabilities with comprehensive and proactive approach
Required Competencies
Minimum Year of experience: 5~7 Years in similar field
Qualification: BE or ME electronics / IT / Computer Science, B.Sc.-IT, Any IT certification
Specialized Skills: Information security certification like CISA, Security+, ISO 27001, etc. (preferred)
Personal Attributes: The applicant must have the ability to organize, prioritize and produce results to meet deadlines and work in close collaboration with customers and stakeholders. Good team-working skills are a must.
