Who designs your future? You do. Are you looking for a career where you can showcase your technical aptitude and passion for problem solving to ensure your customers can work in a comfortable, safe, and energy-efficient environment? Then look to Siemens! Our Smart Buildings help to create efficient, safe, responsive and responsible environments \u2013 and so, we are creating perfect places. We\u2019re looking to empower people wanting to tackle the challenges facing society and who want to make real what matters most. Think this is you? At Siemens we are always challenging ourselves to build a better future. We need the most innovative and diverse Digital Minds to develop tomorrow\u2018s reality. Find out more about the Digital world of Siemens here: www.siemens.com/careers/digitalminds Join our team! Recognized by Fortune as World\u2019s Most Admired Companies 2020. Our Culture: At Siemens, we live and foster an ownership culture, in which every employee takes personal responsibility for our company's success. We trust and empower our leaders to act as owners, direct their teams, and innovate to succeed. We communicate openly and honestly to learn from our failures and celebrate our successes. We recognize individual and team achievements frequently. We invest in our team members, offering a wide variety of internal and external development opportunities. Siemens Smart Infrastructure What you will do for Siemens Smart Infrastructure: We are looking for a Product and Solution Security Expert with experience in the cybersecurity industry and familiarity with U.S. federal cybersecurity requirements. Responsible for helping Siemens Smart Infrastructure, Regional Solutions and Services, Region Americas secure products, solutions, and services delivered to and used by Siemens\u2019 customers across a range of industries Responsible for coordinating and contributing to cybersecurity posture improvement initiatives and supporting effective implementation throughout the Siemens Smart Infrastructure organization Reports to the Product and Solution Security Officer (PSSO) Responsibilities: Supports the PSSO in implementing organizational policies and processes and tailoring cybersecurity controls to increase security while supporting business goals Supports the PSSO to develop, coordinate, and monitor cybersecurity improvement initiatives such as process optimization, process documentation, tool testing and implementation, and training development Supports the PSSO in analyzing current and future cybersecurity-related regulations, standards, and market requirements Supports the PSSO in responding to cybersecurity incidents and events, performing actions such as informal forensic reviews, incident remediation, communication coordination, and environment cybersecurity posture improvement Supports the PSSO in reviewing cybersecurity clauses in agreements and contracts Collaborates with organizational stakeholders to review and analyze supply-chain security and perform assessments of third-party suppliers Supports the development and implementation of projects and organization-wide initiatives to resolve specific cybersecurity challenges faced by Siemens Smart Infrastructure due to market requirements, regulations, and/or standards Collaborates with organizational stakeholders to understand existing business practices and create process and technical documentation aligned to cybersecurity best practices. Collaborates with organizational stakeholders to support the delivery of cybersecurity services such as standards-based gap assessments Provides both sales and operations support to project teams to design, implement, and maintain IT infrastructure and cybersecurity controls to improve the security of Siemens products, solutions, and services Supports project teams and organizational stakeholders in implementing hardening mitigations and related settings for servers, workstations, applications, systems, and devices Collaborates with organizational stakeholders and project teams to perform project and product development design reviews, risk classifications, and threat and risk analyses Supports product and solution development teams in implementing, improving, and maintaining best-practice secure product/solution lifecycle development procedures and tools Coordinates with professional services providers to clarify scope and requirements, develop estimates, and provide services in collaboration with project teams Collaborates with organizational stakeholders to answer cybersecurity questionnaires related to Siemens\u2019 products, solutions, and/or services Works independently to drive organizational change, take responsibility, and constantly strive to advocate for improving security across all aspects of the organization Qualifications: Proven work experience in a cybersecurity-related field, including experience with common cybersecurity operational activities such as incident management, vulnerability management, and threat and risk management Proven work experience in process improvement and documentation Proven work experience designing, implementing, and/or maintaining solutions composed of multiple technical systems, IT/network components, and cybersecurity controls Proven work experience collaborating with others across teams and organizational groups with a focus on working well with individuals and groups from diverse backgrounds, and with varying levels of technical proficiency Strong verbal and written English language communication skills, including proficiency in technical writing and documentation Advanced level experience and ability working with Microsoft Office products including Excel, Word, and PowerPoint Desire to learn new skills and technologies and ability to apply past experiences to new situations to quickly understand and work with unfamiliar technologies Familiarity with common cybersecurity standards and best practices, such as NIST SP 800-53, CIS Controls, ISO/IEC 2700x, and the NIST Cybersecurity Framework. Willingness and ability to attend cybersecurity-related training and educational events Willingness and ability to attain cybersecurity-related technical and/or process certifications Familiarity with common cybersecurity requirements and practices of the U.S. federal government, such as RMF Applicants must be legally authorized for employment in the United States without need for current or future employer-sponsored work authorization Travel: up to 20% travel required in the U.S. and Canada Preferred Qualifications: Familiarity with cybersecurity operational practices and tools such as vulnerability scanners, IDS/IPS, HIDS/HIPS, and firewalls Familiarity in performing cybersecurity assessments and/or gap analyses against common industry standards, such as ISO/IEC 27001, CIS controls, and IEC 62443 Knowledge of operational technology such as industrial control systems, facility-related control systems, and network-connected facility systems Familiarity with secure product/software development practices, such as SDLC frameworks and related testing Existing cybersecurity and/or IT-related certifications, such as CompTIA Network+/Security+ or similar Familiarity with Microsoft 365 hosted products, such as SharePoint Online, PowerAutomate, PowerBI, and PowerApps Familiarity with NIST 800-171 and DFARS requirements related to the handling of CUI for the federal government Familiarity with CMMC and/or similar maturity frameworks and related cybersecurity control groupings Experience with DISA STIGs and SCAP scanning and management best practices Degree in cybersecurity and/or IT-related field a plus Demonstrated ability to be a change agent and act as an example to embed cybersecurity in the culture of an organization Benefits: Competitive salary based on qualifications Health, dental, and vision plans with options Matching 401(k) Competitive paid time off plan, holidays, and floating holidays Paid parental leave Company cell phone and laptop Extensive product training and professional career development Education and tuition reimbursement programs available Overtime, on-call pay, and company uniform and vehicle for eligible positions This job may be based in Colorado. Siemens offers a variety of health and wellness benefits to employees. Details regarding our benefits can be found here: https://www.benefitsquickstart.com/siemens/index.html. The base salary range for this position in Colorado is $120,666 - $163,302, and the annual incentive target is 15% of base salary. Organization: Smart Infrastructure Company: Siemens Industry, Inc. Experience Level: Mid-level Professional Job Type: Full-time Equal Employment Opportunity Statement Siemens is an Equal Opportunity and Affirmative Action Employer encouraging diversity in the workplace. All qualified applicants will receive consideration for employment without regard to their race, color, creed, religion, national origin, citizenship status, ancestry, sex, age, physical or mental disability unrelated to ability, marital status, family responsibilities, pregnancy, genetic information, sexual orientation, gender expression, gender identity, transgender, sex stereotyping, order of protection status, protected veteran or military status, or an unfavorable discharge from military service, and other categories protected by federal, state or local law. EEO is the Law Applicants and employees are protected under Federal law from discrimination. To learn more, Click here. Pay Transparency Non-Discrimination Provision Siemens follows Executive Order 11246, including the Pay Transparency Nondiscrimination Provision. To learn more, Click here. California Privacy Notice California residents have the right to receive additional notices about their personal information. To learn more, click here.