Job Description
Key Skills
Cybersecurity governance, Vulnerability management, Risk and threat analysis, IT governance and compliance, incident handling
Key Responsibility
- Maintain IT asset repository in the central tools (FutureNow, ITAM, ACP, etc.). Assess security risks and perform business impact assessment on applications and systems.
- Checking and aligning the critical IT assets as per the Siemens Infosec Guidelines.
- Assist location team (project owners) to complete cybersecurity due diligence for any new project.
- Responsible for preparing protection strategies for critical IT applications in close coordination with application owner/manager, CYS, IT and data protection teams.
- Responsible for conducting cybersecurity due diligence on SRE IT assets, in collaboration with the local CYS and IT teams for new projects.
- You support Supplier Risk Management (internal and external)
- Monitoring IT assets and coordinating with responsible stakeholders to maintain data quality and ensure the assets are compliant with the Siemens IT Standards.
- Responsible for maintaining and updating the documents of all IT assets.
- SPOC for central SRE CYS for Siemens Energy.
- Support incident handling, annual reviews, audits, and other activities, as needed, on behalf of SRE.
- Collaborating with internal and external stakeholders to ensure that cybersecurity policies and procedures are aligned with business objectives and regulatory requirements.
- Periodic assessment of systems & processes for adherence to all above points.
- Supporting local site team to manage IT assets and vulnerabilities.
- Periodic status update and reporting to SRE management.
- Ensure full adherence to local statutory regulations and local laws (data privacy).
- Implementation of Zero Trust enablement for SRE IT applications
- Ensure Zero cybersecurity vulnerabilities with comprehensive and proactive approach
Required Competencies
- Minimum Year of experience: 5~7 Years in similar field
- Qualification: BE or ME electronics / IT / Computer Science, B.Sc.-IT, Any IT certification
- Specialized Skills: Information security certification like CISA, Security+, ISO 27001, etc. (preferred)
- Personal Attributes: The applicant must have the ability to organize, prioritize and produce results to meet deadlines and work in close collaboration with customers and stakeholders. Good team-working skills are a must.
