Job Family: Cybersecurity

　　Req ID: 403224

　　Hello eager tech expert!

　　We’re looking for dedicated individuals with the skills and vision to build a better tomorrow. Join our R&D team, develop your skills on the job and work.

　　We know that the only way a business thrive is if our people are growing. That’s why we always put our people first. Our global, diverse team would be happy to support you and challenge you to grow in new ways. Who knows where our shared journey will take you?

　　We are looking for Cyber Security Professional !

　　You’ll break new ground by:

　　Support project development teams to incorporate appropriate security practices across the development lifecycle (from product / solution concept to release).

　　Risk Management & Compliance - Review documents produced during the development and engineering process (e.g., threat and risk analysis results, requirements specs, arch & design specs, test specs, user documentation) regarding PSS.

　　Identify security weaknesses and vulnerabilities in the product, solution, or service offering, analyze the threats that might exploit these weaknesses or vulnerabilities, and evaluate the resulting risks. Organize & facilitate threat & risk analysis workshops in accordance with organizational processes.

　　Security Requirements - Specify and maintain security requirements for the project. Support for meeting international and regional security standards, cybersecurity frameworks (e.g., NIST CSF v1.1) and regional regulations (e.g., Chinese Cybersecurity Law, EU Cyber Resilience Act, etc.).

　　Experienced in infrastructure security and crafting secure network topologies and evaluate appropriate security products (e.g. VPN gateways, WAF, Malware protection).

　　Secure Suppliers & Components - Evaluate third-party suppliers & components regarding PSS and providing clearance of implementation and documentation of security critical components (e.g., cryptographic functions, hidden functions, firewall settings).

　　Perform and support Cybersecurity awareness and training initiatives, especially with focus to secure development and testing due to the nature of unit

　　Security Testing - Perform verification of implementation regarding security requirements (e.g., as part of system test, factory, or site acceptance test). This includes recommendation and creation of security testing tools. Support validation to ensure that implementation fulfills security expectations of customers (e.g., to identify security vulnerabilities, and to evaluate the effectiveness of remediation measures).

　　Vulnerability Management - Support project teams to analyze vulnerabilities for their risk, prioritize and suitably mitigate risks to the products

　　Guidance & Expertise Enhancement - Develop & maintain procedures, guidelines & support tools for projects. Guide development teams in secure web application development, secure software development processes and DevSecOps. Conduct security training and development of training material. Support the development of the PSS community within the organization, with experience exchange internally and externally.

　　You’d describe yourself as:

　　BE/BTech/MTech/MCA in Electronics/ Instrumentation/ Computer Science.

　　Do you have a degree/master’s degree in computer science with specialization in IT Security with 15+ years of experience in information technology/software development with 6+ years in defining security controls and measures for SCADA/IACS/Critical infrastructure

　　Active IT security certifications (CISSP, CSSLP).

　　Active OT security certifications (ISA/IEC 62443 CFS, CRAS) are a strong plus.

　　Up-to-date knowledge on the threat landscape, including capabilities of attackers, available attacker tools, and typical security weaknesses & vulnerabilities.

　　Your depth knowledge in defining policies for firewalls and VPN gateways and developing secure web applications, awareness of standard methodologies such as OWASP Web Application Security Standard and OWASP Top 10 will build the difference.

　　Experience in programming (e.g., C, C++, Java, JavaScript) in Linux & Windows and scripting (e.g., bash scripts, python) and ready to learn new technologies (e.g., Go).

　　Experience on securing containers (esp. Debian based distributions).

　　Knowledge of benchmarks (e.g., CIS-Security benchmarks and Microsoft security baselines).

　　Experience in securing remote access, malware prevention systems, IDS/IPS, Vulnerability scanners (e.g., Nessus).

　　Knowledge of PKI and certificate-based authentication

　　Knowledge of OT Asset Management, Anomaly Detection & SIEM solutions.

　　Knowledge of IIOT and digitalization solutions

　　Superb communication and influencing skills

　　Ready to unlock the full potential of technology? Join us!

　　We value your outstanding identity and perspective and are fully committed to providing opportunities and building a workplace that reflects the diversity of society. Come bring your authentic self and build a better tomorrow with us. Protecting the environment, conserving our natural resources, encouraging the health and performance of our people as well as safeguarding their working conditions are core to our social and business dedication at Siemens.

　　Make your mark in our exciting world at Siemens.

　　This role is based in Bangalore and is an Individual contributor role. You might be required to visit other locations within India and outside. In return, you'll get the chance to work with teams impacting - and the shape of things to come.

　　We're Siemens. A collection of over 379,000 minds building the future, one day at a time in over 200 countries. We're dedicated to equality, and we welcome applications that reflect the diversity of the communities we work in. All employment decisions at Siemens are based on qualifications, merit and business need. Bring your curiosity and imagination and help us shape tomorrow.

　　Find out more about Siemens careers at: www.siemens.com/careers