Job Description:
Cybersecurity Governance - Junior Professional (m/f/d)
Create a better tomorrow with us.
We transform industries and societies by combining the real and digital worlds. At our organization, we make a truly global impact.
We bring value to the business digitalization transition in areas such as Artificial Intelligence, Analytics & Business Intelligence, Application Lifecycle Management, Cybersecurity, IT Infrastructure Management, IT Project & Service Management, IT Strategy, User Experience, and more.
We are a decade-old organization with around 1,600 experts, making us the home of new technologists.
You will be part of our team, working on various challenges to make life easier, safer, and more sustainable for us and future generations.
* Support second-line defense activities, focusing on identification, assessment conduction, and remediation of gaps.
* Keep up-to-date with ISO27001 standard evolution and implement new requirements.
* Interact with functional departments, business units, and countries as a cybersecurity governance team member.
* Contribute to all aspects of governance from both governance and technical backgrounds.
* Support refining Siemens-specific cybersecurity governance frameworks for relevant standards and frameworks.
* Closely collaborate with corporate cybersecurity governance to develop, review, and guide implementation of new/updated requirements.
* Work off undefined and unidentified backlogs or priority tasks.
* Support various topics and processes by identifying backgrounds, responsibilities, improvements, and boundaries.
Daily Tasks:
Your daily tasks will include:
* Assist and conduct cybersecurity assessments and evaluations to detect blind spots and improve our global posture.
* Participate in continual improvement processes by exploring better ways of reporting progress to stakeholders and management.
* Prepare and present reports and status updates for cybersecurity management.
* Maintain documentation and tracking of cybersecurity governance initiatives, ensuring alignment with regulatory and internal requirements.
* Collaborate with teams to collect evidence, analyze data, and support compliance with security frameworks and best practices.
* Stay up-to-date with relevant cybersecurity standards, regulations, and best practices.
* Become familiar with Siemens-specific cybersecurity governance frameworks and be aware of upcoming changes in external standards and frameworks.
* Identify necessary adjustments of internal cybersecurity governance and guidance considering external and internal factors.
* Initiate and monitor implementation of such adjustments.
* Regularly review governance and guidance for applicability and potential streamlining and harmonization.
* Strive for business-oriented and lean governance.
* Collaborate with business unit and country representatives.
* Backup for existing established cybersecurity governance topics.
* Participate in ISO27001 recertification process as part of the ISMS responsible team.
Requirements:
We are looking for someone with:
* Up to 2 years of experience in Cybersecurity GRC and/or a respective bachelor's or master's degree.
* Willingness and endurance to dig into our internal regulation landscape.
* Knowledge, interest, or expertise in cybersecurity governance.
* A basic understanding (and curiosity) of current cybersecurity frameworks and regulations (such as ISO27001, NIS2, CRA).
* Affinity for details, precise, and reliable work while keeping pragmatism as a guiding principle.
* The ability to communicate and cooperate with different people from different parts of the organization.
* Ability to drill down from a high-level picture to the granular detail, leveraging this to have conversations and present results at different relevant levels.
* Willingness to achieve ISO27001 Lead auditor/Lead implementer certifications – any current ISO27001 certification is a plus.
What We Offer:
We offer a hybrid and flexible working model to promote a better work-life balance, along with a budget for home office support and the opportunity to do 16 hours a year of volunteer work.
We provide health insurance, access to our on-site medical center, and the chance to join sports groups.
We also offer online learning platforms and discounts with partners, a shuttle bus to commute to facilities, and financial support for studies.
About Us:
We are proud to be recognized as:
* Merco – Companies and Leaders with the Best Reputation in Portugal (#1 Tecnology/Manufacturing)
* Forbes – World's Best Employers (#1 Engineering & Manufacturing)
* LinkedIn – LinkedIn Top Companies (#2)
* OnStrategy – REPSCORE 2024: Brands' Reputation in Portugal (#1 Engineering & Electronic Services)
* Fortune – World's Most Admired Companies (#1 Industrial Machinery)
* Teamlyzer – Company with the Best Interviews (#1 Technology)