We are a leading global software company dedicated to the world of computer aided design, 3D modeling and simulation— helping innovative global manufacturers design better products, faster! With the resources of a large company, and the energy of a software start-up, we have fun together while creating a world class software portfolio. Our culture encourages creativity, welcomes fresh thinking, and focuses on growth, so our people, our business, and our customers can achieve their full potential.
Position Overview: We are seeking a highly skilled and motivated Lead, Product Vulnerability Management to join our team. Reporting directly to the Chief Product and Solution Security Officer, you will be responsible for overseeing all aspects of product vulnerability management, from policy development to implementation and incident handling. You will work with the business segment Product & Solution Security Officers (PSSOs), the Compliance and Quality team, as well as strengthen further the collaboration with Tech Ops DevOps team. Additionally, you will stay abreast of the latest security methodologies and technologies, driving the implementation of necessary tools for Product & Solution Security (PSS). Your role will be crucial in ensuring our products meet the highest security standards and comply with regulations such as the EU Cyber Resilience Act (CRA) and US Executive Order 14028 on Improving the Nation's Cybersecurity.
Key Responsibilities: Vulnerability Management Strategy and Policy Development:
Continuous improvement for vulnerability management policies and procedures.
Ensure alignment with industry standards, regulatory requirements (EU CRA, US EO 14028), and company objectives.
Collaborate with cross-functional teams to integrate security requirements into the product development lifecycle.Operationalize the Vulnerability Identification and Assessment:
Track progress for vulnerability assessments and scans of all Siemens DI SW products. Track remediation efforts and ensure timely resolution of identified vulnerabilities.
Work closely with development, operations, and security teams to understand the pain points and rooms for improvement in vulnerability remediation plans.
Stay current with emerging threats, vulnerabilities, and mitigation techniques and tools.Vulnerability Reporting:
Conduct thorough data analysis and generate reports to support decision-making processes.
Define, manage, and monitor Business Intelligence, Management Intelligence, and Key Performance Indicators to track organizational performance and drive improvements.Incident Handling and Response:
Interface with Siemens Product CERT to facilitate customized enablement documentation, processes and tooling to the need of Siemens DI SW.Qualifications: Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field.Minimum of 1 year of experience in vulnerability management, product security.Security certifications such as CISSP or similar are a plus.Familiarity in product security testing tools as part of the Secure Software Development Lifecycle for proprietary code and 3rd party code.Some understanding of regulatory requirements, e.g. the EU Cyber Resilience Act and US Executive Order 14028.Experience in defining, managing, and monitoring Business Intelligence, Management Intelligence and Key Performance Indicators.Excellent verbal and written communication skills.Strong analytical and problem-solving abilities with a keen attention to detail.Join our team and lead the charge in ensuring the security of our products and solutions. Apply now to be part of a cutting-edge organization dedicated to excellence in security and technology!
Working at Siemens Digital Industries Software Why us?
Working at Siemens Digital Industries Software means flexibility - Choosing between working at home and the office at other times is the norm here. We offer great benefits and rewards, as you'd expect from a world leader in industrial software.
Siemens is an equal opportunity employer and values diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status.
Siemens. Making real what matters If you want to make a difference – make it with us!
#J-18808-Ljbffr