Product & Solutions Security Officer
Wendell, USA IT development
Job description
Here at Siemens, we take pride in enabling sustainable progress through technology. We do this through empowering customers by combining the real and digital worlds. Improving how we live, work, and move today and for the next generation! We know that the only way a business thrive is if our people are thriving. That’s why we always put our people first. Our global, diverse team would be happy to support you and challenge you to grow in new ways. Who knows where our shared journey will take you?
About Siemens Smart Infrastructure – Electrification and Automation:
The Electrification and Automation (EA) Business Unit offers the full range of energy distribution systems and solutions for all markets and through all sales channels. We provide reliable power distribution grids of today while investing into our Future Grids portfolio and applications to create the power distribution grid of the future. Our comprehensive portfolio meets the growing technical requirements of todays and tomorrow’s power grid!
We are looking for a Product & Solution Security Officer. This position will report into the Wendell office.
Overview
Siemens is seeking a highly skilled and motivated Product & Solution Security Officer to actively drive product and solution security across our business units. The successful candidate will play a pivotal role in advising Executive Leadership, Product Management, Project Management, R&D, Engineering, IT, and Manufacturing heads on cybersecurity matters related to all Siemens products, solutions, and services as well as internal systems and networks and overall infrastructure.
Responsibilities:
Siemens is seeking a highly skilled and motivated Product & Solution Security Officer to actively drive product and solution security across our business units. The successful candidate will play a pivotal role in advising Executive Leadership, Product Management, Project Management, R&D, Engineering, IT, and Manufacturing heads on cybersecurity matters related to all Siemens products, solutions, and services as well as internal systems and networks and overall infrastructure.
Primary Responsibilities:
Define Regulations & Support Implementation:
- Advise executive management and product management regarding security for Siemens products, solutions and services.
- Drive the definition of a PSS strategy (e.g., including KPIs, decision regarding security service business) and implementation policy for the BU/site (agreed by CEO and Principal PSSO).
- Based on individual implementation policy of the BU/site/country steer a process improvement program to establish and maintain appropriate processes (e.g., integrate threat & risk analysis, security requirements engineering, secure architecture and design, hardening, secure coding, security testing into PLM and PM, SCM).
- Ensure organizational preparedness for product & solution security of BU/site/country (e.g., trainings, roles & responsibilities).
- Implement and manage incident & vulnerability handling activities and process.
- Implement supplier qualification and certification program.
Guide Technological Aspects:
- Ensure that relevant stakeholders have sufficient awareness for product and solution security.
- Ensure that stakeholders own the required know-how about product and solution security.
- Coordinate relevant standardization and regulation for product and solution security and required certifications of products, solutions, processes or organizations within the business.
- Coordinate and steer technical direction for product and solution security mechanisms in coordination with product & solution security expert in the respective projects.
- Coordination of product & solution security topics with legal, import and export.
Support Communication:
- Represent the business unit/site/country in all product & solution security matters.
- Establish and maintain an internal PSS community.
- Coordinate communication with marketing and sales, aligning with Communications and other Cybersecurity and Information Security teams.
Measure & Report:
- Track adherence and application of product and solution security standards, processes, and policies.
- Work with relevant stakeholders to decide how to handle escalated security risks in products and solutions.
- Report to Leadership Team and escalate/inform in emergencies; synchronize with other Product & Solution Security Officers.
Additional Responsibilities:
CMMC/CUI Compliance Management:
In line with Siemens' commitment to cybersecurity, the Product & Solution Security Officer will be responsible for overseeing generating and maintaining compliance with U.S. Federal Government regulations, particularly focusing on the Cybersecurity Maturity Model Certification (CMMC) and Controlled Unclassified Information (CUI) requirements. The candidate will work closely with executive leadership and relevant stakeholders to ensure Siemens products, solutions, and services adhere to the specified security standards mandated by the U.S. government. This includes driving the implementation of strategies and policies that align with CMMC/CUI requirements, conducting regular assessments, and ensuring the organization is well-prepared for audits. The Product & Solution Security Officer will also collaborate with internal teams to integrate threat analysis, risk assessment, and other security measures mandated by the CMMC framework into product lifecycle management and project management processes.
Local Network/System Administration Support;
You will also be responsible for overseeing the organization's server infrastructure. This includes maintaining and optimizing servers for high availability and reliability, assessing the stability and security of Windows systems, and promptly addressing performance issues. You will manage the installation, configuration, and updates of various software applications, ensuring compatibility and seamless integration. Security management is a key aspect, involving the implementation of measures to protect servers and sensitive data, user access management, and collaboration with the cybersecurity team. Database administration, file share server management, and comprehensive documentation of configurations and processes are integral to this role. Additionally, you will develop and maintain a disaster recovery plan, conduct regular drills, and stay updated on the latest trends and technologies, providing training to team members and end-users. Participation in audits and ensuring compliance are crucial aspects of this role.
You’ll win us over by having the following qualifications:
Basic Qualifications:
- Bachelor’s Degree in Cybersecurity, Computer Science, IT security, or related fields.
- Minimum 5 years of experience in product, solution, or service and customer environments.
- Broad experience in security with the ability to estimate security threats and risks.
- Competency to mediate between executive management and technical staff.
- Ability to work in a matrix organization and lead without disciplinary power.
- Proven technical management experience.
- Ability to analyze and evaluate security impacts on divisional mid-term strategy.
- Equivalent to project management experience of a certified PM (Siemens cert.) and/or responsibility for a portfolio of small projects for a minimum of 24 months.
- Experience with crisis management in projects and process improvement projects, change management.
Preferred Qualifications:
- Certification program: Certified Information Systems Security Professional (CISSP) and Certified Secure Software Lifecycle Professional (CSSLP) are helpful.
You’ll benefit from:
- Siemens offers a variety of health and wellness benefits to our employees. Details regarding our benefits can be found here: https://www.benefitsquickstart.com/siemens/index.html
- The pay range for this position is $110,810 - $189,960 and the annual incentive target is 10% of the base salary. The actual wage offered may be lower or higher depending on budget and candidate experience, knowledge, skills, qualifications and premium geographic location.
Create a better #TomorrowWithUs
About Siemens:
We are a global technology company focused on industry, infrastructure, transport, and healthcare. From more resource-efficient factories, resilient supply chains, and smarter buildings and grids, to sustainable transportation as well as advanced healthcare, we create technology with purpose adding real value for customers.
Our Commitment to Diversity, Equity, and Inclusion:
We value your unique identity and perspective. We are fully committed to providing equitable opportunities and building a workplace that reflects the diversity of society. Come bring your authentic self and create a better tomorrow with us. Learn more about our commitment to DEI here.
Protecting the environment, conserving our natural resources, fostering the health and performance of our people as well as safeguarding their working conditions are core to our social and business commitment at Siemens. They are an integral part of our Business Conduct Guidelines and our corporate strategy.
Equal Employment Opportunity Statement
Siemens is an Equal Opportunity and Affirmative Action Employer encouraging diversity in the workplace. All qualified applicants will receive consideration for employment without regard to their race, color, creed, religion, national origin, citizenship status, ancestry, sex, age, physical or mental disability unrelated to ability, marital status, family responsibilities, pregnancy, genetic information, sexual orientation, gender expression, gender identity, transgender, sex stereotyping, order of protection status, protected veteran or military status, or an unfavorable discharge from military service, and other categories protected by federal, state or local law.
EEO is the Law
Applicants and employees are protected under Federal law from discrimination. To learn more, Click here.
Pay Transparency Non-Discrimination Provision
Siemens follows Executive Order 11246, including the Pay Transparency Nondiscrimination Provision. To learn more, Click here.
California Privacy Notice
California residents have the right to receive additional notices about their personal information. To learn more, click here.