Job Description

A Snapshot of Your Day

Our Industrial Cybersecurity department is seeking a highly qualified and driven industrial cybersecurity specialist to support vulnerability management efforts within the Product and Solutions domain. As an Industrial Cybersecurity Specialist, you will play a critical role in ensuring the security posture of wind power plants by proactively identifying and supporting the remediation of potential security risks. You will become part of the Industrial Cybersecurity Technical Competence Center (TCC), a diverse and international team of experienced cybersecurity professionals supporting the business and development teams in securing systems by default across Product and Solutions, Manufacturing IT and Business managed IT. In this role you will play a key role in supporting and enhancing the vulnerability management process to strengthen the security posture of Siemens Gamesa's products and solutions. The responsibilities include:

How You'll Make an Impact

Driving and continuously improving the vulnerability management process. Staying up to date with emerging security threats, vulnerabilities, and industry best practices to continuously improve our vulnerability management program. Assessing identified vulnerabilities by analyzing their severity, exploitability, and relevance to Siemens Gamesa's products and solutions. Collaborating with cross-functional teams to define and implement effective remediation strategies and action plans. Supporting the development of mitigation plans to address vulnerabilities by applying patches, implementing alternative safeguards, or facilitating risk acceptance decisions. Advising stakeholders on security best practices and providing recommendations for effective vulnerability treatment. Reporting on vulnerability findings, remediation efforts, and overall security posture to senior management and relevant stakeholders. Knowledge and experience with SCADA and Industrial Control Systems. Relevant cybersecurity certifications such as CEH, OSCP, PNPT, GICSP, ISA/IEC 62443 Cybersecurity Expert. Experience with widely recognized OT cybersecurity standards, including ISA/IEC 62443, NIST SP 800-82, and ISO 27001. Experience with regulatory compliance requirements specific to OT environments (e.g., NIS2 NERC CIP, EU Cyber Resilience Act).

What You Bring

Several years of experience in cybersecurity, product security or OT security. A degree in Cybersecurity, Information Technology, Computer Science, or a comparable field. Proven expertise in vulnerability management, including conducting assessments, performing security testing, and developing remediation strategies. Deep understanding of common security vulnerabilities, attack vectors, and exploitation techniques. Hands-on experience with industry-standard vulnerability scanning techniques and tools (e.g., Nessus, Qualys, Burp Suite, OWASP ZAP). Familiarity with industry-standard SCA and SAST techniques and tools (BlackDuck, Snyk, SonarQube). Strong analytical and problem-solving skills, with the ability to effectively assess and prioritize risks. Excellent communication and interpersonal skills, with the ability to collaborate across functions and convey technical concepts to non-technical stakeholders. Demonstrated ability to work independently and manage multiple projects in a fast-paced environment.

Who is Siemens Gamesa?

Siemens Gamesa is part of Siemens Energy, a global leader in energy technology with a rich legacy of innovation spanning over 150 years. Together, we are committed to making sustainable, reliable, and affordable energy a reality by pushing the boundaries of what is possible. As a leading player in the wind industry and manufacturer of wind turbines, we are passionate about driving the energy transition and providing innovative solutions that meet the growing energy demand of the global community. At Siemens Gamesa, we are always looking for dedicated individuals to join our team and support our focus on energy transformation.

Our Commitment to Diversity

Lucky for us, we are not all the same. Through diversity, we generate power. We run on inclusion and our combined creative energy is fueled by over 130 nationalities. Siemens Energy celebrates character - no matter what ethnic background, gender, age, religion, identity, or disability. We energize society, all of society, and we do not discriminate based on our differences.

Rewards/Benefits

All employees are automatically covered under the Medical Insurance. Company paid considerable Family floater cover covering employee, spouse and 2 dependent children up to 25 years of age. * Siemens Gamesa provides an option to opt for Meal Card to all its employees which will be as per the terms and conditions prescribed in the company policy as a part of CTC, tax saving measure.