Associate (m/f/d) - Cybersecurity Process Audit

Job description

Location: Munich
Department: Controlling and Finance
Mode of Employment: Unlimited / full-time

Accelerate your career. Become a leader.

Controlling and Finance Assurance (CF A) helps Siemens to achieve their goals by providing objective, factual and independent assurance to the Siemens Managing Board and Audit Committee. As a business partner to Siemens executive management, we leverage our expertise in a wide range of topics in order to create an impact that drives change with improved financial results. We offer a vibrant, diverse and inclusive environment which ensures a variety of perspectives and enables big picture thinking.

CF A is a unique Global Leadership Development Program inside Siemens, stretched over a period of three to five years. We offer continuous career coaching and mentoring throughout the program, all whilst working with top Siemens business leaders on multiple high-profile projects around the world. This is your chance to build your network within the company, develop your operational experience and prepare yourself for a leading role.

The Cybersecurity team of the Cybersecurity and Applications Practice provides core assurance over the cybersecurity health of the company which includes IT and R&D infrastructures, product security, and cloud applications. We are on the lookout for people with a great skillset, an international mindset and new ideas who understand Siemens businesses and how Cybersecurity helps enable and increase market value. Are you one of them? The Cyber Security Assurance is currently looking for professionals on various experience- levels in Munich.

What part will you play?
You will identify, assess, measure and monitor cybersecurity risks by performing hands-on risk assessments of processes and controls. Using your strong analytical skills, you will identify security gaps and explore further to find their root causes.
As valuable member of the assurance team you prepare and conduct cybersecurity audits on Siemens IT systems, products, services, factories, and software development centers. During this process you highlight important observations, translate technical findings into management information so that they can take effective actions. You also participate in closing meetings with the management team.
In your new role you assess cybersecurity in Siemens' most innovative products: From the product security features, to the software development lifecycle and the respective software development environments.
Moreover, you would be assessing the cybersecurity governance of Siemens internal organizations together with the team, including policy and processes in place such as incident handling and response, threat detection, vulnerability management, etc.
You work closely with security experts from multiple industries to improve their solutions by tackling the root cause of the issues and find innovative solutions to modern challenges.
What you need to make real what matters.
Strong academic history with a degree in IT, Computer Science or other related fields; certifications such as CISSP, CISA, CISM are a plus
At least 2+ years of professional experience within Siemens or a related industry, or a 'Big 4' accounting firm or a consultancy in the fields of IT security audit and / or development of industrial IT services and solutions with a proven record of continuous career development.
Demonstrated affinity to learn about the latest trends in cybersecurity and keep up to date in a continuously challenging environment.
Good communication, presentation and project management skills and the drive and to find innovative solutions and establish them in the CFA environment.
Ideally you have experience in some the following aspects: application and software security, cloud environments, IT general controls, industrial security controls, information security management systems (ISMS), networks security, penetration testing, security architecture, SAP security
Strong understanding of industry standards such as the NIST Cybersecurity Framework (e.g.,NIST 800-53), ISO 27001/02, IEC 62443 and CIS Top 20 Critical Security Controls.
Fluency in German and English willingness to travel internationally up to 50% of your time with experience in working in multicultural environments.
To discover more about CF A have a look at

Any questions left?
Click here if you wish to find out more about Siemens before applying.

As an equal-opportunity employer we are happy to consider applications from individuals with disabilities.

Organization: Controlling and Finance

Company: Siemens AG

Experience Level: Experienced Professional

Job Type: Full-time