Cybersecurity Supplier Assessor (f/m/d) with German
About the Role
Location: Germany, Bayern, Erlangen
Country: Germany
Remote vs. Office: Hybrid (Remote/Office)
Company: Siemens Energy Global GmbH & Co. KG
Organization: EVP Global Functions
Business Unit: Digital Core
Full / Part time: Full-time
Experience Level: Experienced Professional
A Snapshot of Your Day
Embark on a dynamic journey as a Cybersecurity Supplier Assessor at Siemens Energy, as no two days are the same! In this role, you will dive into supplier assessments, collaborating with key stakeholders on identifying critical suppliers and ensuring compliance with cybersecurity standards throughout the process. Your day will be a mix of evaluating security controls, analyzing risks and driving innovation through tools and process improvements. You will have the opportunity to build on your interests and skills through development as a subject matter expert in key areas of cybersecurity third party risk management. Finally, you will be engaging with the most dynamic and interesting global Cybersecurity Third Party Risk Management team on the globe!
How You’ll Make an Impact
1. Conduct thorough assessments of cybersecurity practices and third-party controls to identify risks and gaps in security posture
2. Work closely with collaborators such as procurement and legal to build and carry out improvement strategies and negotiate cybersecurity terms in supplier contracts
3. Drive innovation and enhance efficiencies throughout the supplier assessment lifecycle using lean methodologies
4. Provide expertise and mentorship on cybersecurity standard methodologies to internal teams, collaborators, and suppliers
5. Stay updated on cybersecurity trends and emerging threats to continuously improve assessment methodologies
6. Lead multiple projects while maintaining effective communication with all key collaborators to ensure third-party suppliers meet the highest security standards
What You Bring
1. University degree in computer science, data science, information technology, legal fields, or a related technology/business management discipline
2. Fluency in German and English and readiness for occasional business trips (around 10-20% of the time)
3. Familiarity with information security risk methodologies and frameworks like ISO 27001, NIST, and COBIT, as well as industry standard processes for secure cloud computing
4. Deep understanding of cybersecurity principles, strong analytical abilities, and knowledge of security standards for networks, services, and products
5. Excellent communication and presentation skills, with the ability to collaborate effectively across functions, including procurement, legal, and suppliers, and engage with all organizational levels
6. Experience in managing supplier assessments and integrating security processes, with a focus on documentation and risk management, along with a commitment to continuous improvement and innovation