About Siemens
As part of the global Cybersecurity Assurance function, we help Siemens to achieve their goals by providing objective, factual and independent assurance to the Siemens Managing Board and Audit Committee. As a business partner to Siemens executive management, we leverage our expertise in a wide range of topics to create an impact that drives change. We offer a vibrant and inclusive environment which ensures a variety of perspectives and enables big picture thinking.
Your Responsibilities
- Lead and inspire our diverse, international ethical hacking team, managing Red Team activities within Cybersecurity audit engagements.
- Assess and anticipate threats from various actors, vulnerabilities, and weak points. Design and execute attack scenarios across Siemens IT/OT infrastructure to uncover risks.
- Drive high-impact assessments on Siemens IT systems, applications, products, services, factories, and software development centers. Communicate findings clearly to management and enable effective action.
- Own senior stakeholder relationships during Red Team engagements, ensuring trust and transparency.
- Collaborate with industry experts to tackle root causes and drive innovative solutions to modern Cybersecurity challenges.
- Represent Siemens globally at leading Cybersecurity conferences - as a participant and speaker.
Your Profile
- 12+ years of experience in Siemens or a related industry, with a proven track record in offensive security, plus demonstrating continuous career growth.
- Proficiency in one or more areas such as application and software security, Red/Blue Teaming, industrial IT/OT security solutions, network security, IT operations, and penetration testing.
- Proven ability to lead and inspire a team of highly skilled professionals. Experience in career development, coaching, and fostering a high-performance culture.
- Ability to translate technical findings into business impact and actionable recommendations. Strong understanding of risk management and how Cybersecurity ties into business objectives.
- Degree in IT, Computer Science, or related fields; certifications such as GIAC GPEN, GXPN, OSCP, or OSCE are highly valued.
- Strong scripting and programming skills in languages like Bash, Python, Ruby, PowerShell, and C++/C#.
- Demonstrated experience in Capture the Flag (CTF) events, bug hunting, or vulnerability research (CVEs).
- Strong interest in staying ahead of Cybersecurity trends in a fast-changing environment.
What We Offer
- Flexibility: 2-3 days of mobile working per week as part of our global standard.
- Inclusive Culture: An environment where everyone can bring their whole self to work and feel a true sense of belonging.
- Time for You: 30 vacation days plus flexible working models to balance personal and family needs.
- Financial Benefits: Share matching programs to become a Siemens AG shareholder and a solid pension plan for long-term security.
- Continuous Growth: 50+ learning hours per year for both personal and professional development.