Detailansicht des Stellenangebots

As a leading technology company, we are shaping the future of industry and infrastructure. Within our DI PA DCP NET department, we are developing innovative solutions for network infrastructure and the associated security technologies in both software and hardware.

In the role of Product & Solution Security Officer (f/m/d) (PSSO), you will play a key role in ensuring the security of our products and solutions throughout their entire lifecycle. Acting as the central point of contact for all security-related topics, you will be driving key initiatives to implement our security strategy and thereby making a significant contribution to protecting our customers, their data, and our technologies.What we offer you

• An attractive remuneration package- Access to Siemens share plans- 30 days of paid vacation and a variety of flexible work schedules that allow time off for you and your family- Flexible training opportunities for both your professional and personal development that you can tailor to your interests

Since each of over 300,000 team members feels that other benefits are particularly important, and we cannot list our entire benefit portfolio here, you can find more information here.
The individual benefits are subject to regulatory, contractual, or corporate conditions.

You’ll make an impact by

• Providing expert guidance to the team of Product & Solution Security Experts and working closely with them to shape the security strategy for our products and solutions- Advising product management, development teams, and architects across all phases of the product lifecycle - from concept to maintenance -on security requirements, best practices, and Security by Design- Defining and implementing security concepts, analyzing and assessing security risks, and deriving appropriate measures to mitigate them- Ensuring compliance with relevant security standards, policies, and regulatory requirements (e.g., IEC 62443, ISO 27001, CRA, GDPR)- Conducting security reviews, threat analyses, and risk assessments, supporting penetration testing and vulnerability scans, and coordinating the remediation of identified vulnerabilities- Supporting the handling of security incidents and vulnerability reports and coordinating communication with internal and external stakeholders- Designing and leading training sessions and workshops on product security, while promoting a sustainable security awareness culture within development teams- Creating and maintaining security documentation, policies, and processes, building a network with internal and external security experts, and regularly reporting on the security status to management

Y****our success is grounded in

• Education: We look forward to getting to know you if you have successfully completed a degree in computer science, IT security, electrical engineering, or a comparable field- Experience & Skills: - Extensive professional experience in the field of IT and cybersecurity, ideally complemented by deep subject-matter expertise in product security, embedded systems, or OT security - Profound knowledge of security architectures, cryptographic concepts and mechanisms, as well as common attack vectors, exploitation techniques, and threat scenarios - Extensive hands-on experience with established security tools and technologies, particularly SAST, DAST, and fuzzing, as well as ideally additional approaches for automated security validation and testing - Strong expertise in the development of secure software solutions, applying recognized secure coding principles and security-by-design development practices - Very good knowledge of relevant standards, frameworks, and regulatory requirements in the fields of information security, product security, and industrial cybersecurity, ideally including IEC 62443, NIST, or comparable frameworks - Demonstrated experience in performing threat analyses, vulnerability assessments, and risk evaluations, particularly using established methodologies such as STRIDE, DREAD, or comparable approaches - Solid understanding of agile development methodologies and collaborative ways of working, as well as experience operating effectively in cross-functional and interdisciplinary development environments - Relevant certifications such as CISSP, CISM, CSSLP, GSEC, or comparable qualifications are considered a strong asset

• Ways of working: - Strong communication and presentation skills to convey complex security topics clearly- Analytical thinking as well as a structured and solution-oriented approach- High sense of responsibility, initiative, and team orientation

• Languages: You impress us with very good English skills, both written and spoken. Good German skills are an advantage

You are much more than your qualifications, and we believe in the potential of every single candidate. We look forward to getting to know you!
At Siemens, we believe that feeling valued and included is the foundation for doing great work. That’s why we aim to create an inclusive workplace where everyone feels a sense of belonging, and where individual perspectives and experiences are celebrated. Our commitment to fairness and respect extends to every applicant.
As an equal opportunity employer, we welcome applications from individuals of all backgrounds and particularly encourage applications from persons with disabilities.

About us
We develop networks that supply our cities more intelligently with light and heat, and we have extensive expertise in automation and digitalization for the process and manufacturing industries. For this — and for many other forward-looking projects — we need bright minds who actively contribute their skills and creativity. People like you! Help us tackle and implement the most exciting challenges together, focusing on what really matters. What we offer you is the opportunity to truly make a difference. So what are you waiting for? Take the next step in your career with us!
www.siemens.de/careers – if you would like to find out more about jobs & careers at Siemens.
FAQ  – if you need further information on the application process.