Cybersecurity Governance - Junior Professional (m/f/d)

• Support 2nd Line of Defense activities, with a focus on identification, conduction of assessments and remediation of gaps;
• Keeping up to date with the ISO27001 standard evolution and implementing any new requirements that come to life;
• Interact with Smart Infrastructure Functional Departments, Business Units as well as countries as Cybersecurity Governance team member;
• Contribute into all areas of Governance either from a governance or from a technical background;
• Support refining the Siemens/SI-specific Cybersecurity governance frameworks for requirements of relevant standards & frameworks;
• Closely collaborate with Corporate Cybersecurity Governance to jointly develop, review and guide implementation of new/updated requirements;
• Work off currently undefined and unidentified backlogs or priority tasks;
• Support in various topics and processes by identifying backgrounds, responsibilities, improvements and boundaries;
• Backup for other Governance-related topics.

• Assist and conduct cybersecurity assessments and evaluations with the objective of detecting blind spots and improving the global posture of SI;
• Participate in the continual improvement process, by exploring better and more effective ways of reporting progress in initiatives to stakeholders and management;
• Participate in preparation and presentation of reports and status updates for cybersecurity management in SI;
• Maintain documentation and tracking of cybersecurity governance initiatives, ensuring alignment with regulatory and internal requirements;
• Collaborate with various teams to collect evidence, analyze data, and support compliance with security frameworks and best practices;
• Stay up to date with relevant cybersecurity standards, regulations, and best practices to enhance internal processes;
• Become deeply familiar with Siemens/SI-specific Cybersecurity governance frameworks and be aware of (upcoming) changes in relevant external standards & frameworks;
• Identify necessary adjustments of internal Cybersecurity governance and guidance for IT, OT, and PSS considering external and internal factors;
• Initiate and monitor implementation of such adjustments;
• Regularly review governance and guidance for applicability and potential for streamlining und harmonization;
• Strive for business oriented and lean governance;
• Collaborate with Business Unit and Country representatives;
• Backup for existing established Cybersecurity Governance Topics;
• Participate in ISO27001 recertification process as part of the ISMS responsible team.

• Up to 2 years of experience in Cybersecurity GRC and/ or a respective bachelor's or master's degree;
• Willingness and endurance to dig into Siemens' internal regulation landscape;
• Knowledge, interest or expertise in Cybersecurity governance;
• Have a basic understanding (and curiosity) of current cybersecurity frameworks and regulations (such as ISO27001, NIS2, CRA);
• Affinity for details, precise, and reliable work while keeping pragmatism as guiding principle;
• Thriving on communicating and cooperating with different people, from different parts of the company;
• Ability to drill down from a high level picture, to the granular detail, leveraging this to have conversations and present results at the different relevant levels;

• Merco - Companies and Leaders with the Best Reputation in Portugal (#1 Tecnology/Manufacturing)
• Forbes - World's Best Employers (#1 Engineering & Manufacturing)
• LinkedIn - LinkedIn Top Companies (#2)
• OnStrategy - REPSCORE 2024: Brands' Reputation in Portugal (#1 Engineering & Electronic Services)
• Fortune - World's Most Admired Companies (#1 Industrial Machinery)
• Teamlyzer - Company with the Best Interviews (#1 Technology)

Siemens