15 days old

Junior Information Security Officer

Charlotte, NC
**Junior Information Security Officer**

Locations:Charlotte, North Carolina

Job Family: Research & Development


English (US)

**Job Description**

**Division:** Digital Factory

**Business Unit:** Product Lifecycle Management-PLM

**Requisition Number:** 222804

**Primary Location:** United States-North Carolina-Charlotte

**Assignment Category:** Full-time regular

**Experience Level:** Mid level

**Education Required Level:** Bachelor's Degree

**Travel Required:** 10%

**Division Description:**

Siemens Digital Factory offers a comprehensive portfolio of seamlessly-integrated hardware software and technology-based services in order to support manufacturing companies worldwide. Siemens PLM Software, a Plano, Texas-based business unit of the Digital Factory Division, is a leading global provider of product lifecycle management (PLM) and manufacturing operations management (MOM) software, systems and services with over nine million licensed seats and more than 77,000 customers worldwide.

For more information, please visit:


**Job Description:**

As a junior information security officer you will have key

responsibilities in defining, planning, implementing, and automating

security processes for Siemens PL environments that meet or exceed the

objectives. Key deliverables include supporting the investigation and

resolution of incidents; support the resource requirments of

development; integrate security into the CI/CD pipeline; support the

roll out of best practice standards; work with and support the CSO &

compliance officer; meet compliance and create best practice standards

for cloud services; and document all processes.

A successful candidate will be a self-starter, have a solid

understanding of security policies, processes, demonstrated an ability

support multiple, large initiatives simultaneously, and support

management to achieve results while maintaining a high velocity of

activity across the security program. The ideal candidate will be

experienced with agile development methodologies and able to drive

agile processes throughout the security teams.

Provide support to the CSO in the area of security compliance and risk

management function within the Siemens PL cloud services group

* Support the information security policy projects and tasks

* Lead security awareness and training initiatives

* Perform phishing exercises & threat assesments on a regular cadence

* Work with teams to dentify security gaps prior to PEN testing &

schedule PEN testing for services

* Support compliance officer in achieving industry certifications (e.g.

ISO 9001, SOC, FedRAMP, etc.)

* Contribute security best practices to Operations strategy planning,

design, implementation, and maintenance activities

* Support the security team to ensure the production environment is

operating in accordance with established security procedures and best


* Align security policies to industry standards

* Acts as an advocate of information security, GRC (Governance, Risk

management & Compliance), and privacy programs across the organization

* Maintain security policy program in accordance with industry

standards and requirements

* Create & evaluate reports and performance metrics on security policy

for the teams

* Provides analysis of policy activities including: policy impacts on

IT systems; procedural integration and alignment to policy;

alternatives analysis; and policy rollout or implementation plans

* Writes, edits, and maintains information security policies,

procedures, standards, and guidelines

* Develops, manages, and maintains enterprise wide phishing campaigns &

threat assesments to test security awareness and training

* Develops, manages, and maintains enterprise wide security awareness

and training programs

* Collaborate closely with other departments to ensure that the

information security policy, compliance, and risk management

requirements are met

* Ensures that Siemens PL Cloud Services maintain compliance to

generally accepted security practices which are reinforced through

sound security policy

* Support business units in responding to audits and other information

requests, and assists or coordinates the responses to policy inquiries

*Ensures that all policy projects are delivered on-time, within scope,

and within budget

* Report and escalate security project issues to management as needed

* Coordinate with the IT, Information Security, andother stakeholders

* Supports in GRC activities to minimize business or project risks

* Other duties as assigned


* Bachelors Degree in Business, Management, Computer Sciences, or

equivalent prior work experience in a related field

* Current Information Security Certification (e.g. CISSP, CISM, CISA,

or related security certification) preferred or the ability to attain

one within 6 months of hire

* Excellent client-facing and internal communication skills

* Excellent written skills and a demonstrated ability to express

technical requirements in words through technical documentation

* Understanding of security products and concepts such as firewalls,

VPNs, IDS and other security devices

* Understanding of information security risk management frameworks such

as ISO 27001, NIST, NIST 800-190, etc.

* Experience developing, tailoring, updating, and managing security

policy lifecycles

* Experience with system automation at an enterprise level

* Experience with networking and network/system security, including

firewalls, VPN, routing, switching, load balancers, monitoring,

security and DNS

* Ability to manage goals, track milestones and report on status

* Act as a technical resource for a variety of information security

projects that arise from current business and technological


* 2+ years of IT experience (or a Masters Degree)

* 2+ years experience with open source tools (Linux, Python, Git,



*Willingness/ability to work off-shifts (evening, night-time, weekend)

as needed or required

* Knowledge of risk assessment procedures, policy formation, role-based

authorization methodologies, authentication technologies, and security

attack pathologies

* Ability to work effectively in both an independent and team


* Must have the ability to communicate technical and security-related

concepts to a broad range of technical and non-technical staff,

security vendors, consultants and senior management

* Possesses strong interpersonal skills

* Experience with security program development

* Knowledge and understanding of application, container, database,

cloud native, and OS level security

* Excellent problem solving and analytical ability

* Requires use of a wireless handheld device with messaging capability

Preferred Qualifications:

* System administration experience, including troubleshooting, support,

mentorship/training, and oversight in an enterprise setting

* AWS security services such as Macie, Sheild, WAF, IAM, GuardDuty, &

Trusted Advisor

* Strong nderstanding of Internet security considerations in web and

application development cloud native environments

* Strong base for software architecture and design including

inter-process communications, asynchronous processing, micro-services,

message queueing, interfaces, and API development

* Terraform, CloudFormation, Ansible, Jenkins, CodeSuite or equivalent


* 2+ years of cloud native application security experience

* 2+ years' experience with full-stack development of web interface


* 3+ years of Linux administration & troubleshooting

* 3+ years shell scripting - sh/bash/ksh

* 3+ years of experience in an Enterprise IT environment

* Experience managing network monitoring systems

* Experience with design, develop, and configuration of information

security tools

Want to find out more about Cloud and MindSphere at Siemens PLM Software? Watch this great video!


**Equal Employment Opportunity Statement**

Siemens is an Equal Opportunity and Affirmative Action Employer encouraging diversity in the workplace. All qualified applicants will receive consideration for employment without regard to their race, color, creed, religion, national origin, citizenship status, ancestry, sex, age, physical or mental disability, marital status, family responsibilities, pregnancy, genetic information, sexual orientation, gender expression, gender identity, transgender, sex stereotyping, protected veteran or military status, and other categories protected by federal, state or local law.

**EEO is the Law**

Applicants and employees are protected under Federal law from discrimination. To learn more, Click here at https://www.dol.gov/ofccp/regs/compliance/posters/ofccpost.htm .

**Pay Transparency Non-Discrimination Provision**

Siemens follows Executive Order 11246, including the Pay Transparency Nondiscrimination Provision. To learn more, Click here at https://www.dol.gov/ofccp/pdf/pay-transp_formattedESQA508c.pdf .


  • Information Technology
  • Healthcare
  • Manufacturing / Production
  • Administrative / Clerical
  • Financial Services

Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

Junior Information Security Officer

Charlotte, NC

Share this job

Junior Information Security Officer

Charlotte, NC

Separate email addresses with commas

Enter valid email address for sender.

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast