The CYSO for Southern Europe is responsible for implementing the cybersecurity strategy and associated measures to ensure business continuity, compliance with mandatory regulations, and the safeguarding of SHS business in Spain, Italy, Portugal, and Greece. The CYSO shall orchestrate and lead cybersecurity measures and activities, supporting the Zone Management team on all cybersecurity-related matters.
Key Responsibilities:
1. Understand local, regional, and market-specific cybersecurity developments to implement the necessary SEU Zone and Country-specific cybersecurity strategies, ensuring alignment with local business needs, regulatory requirements, and global SHS cybersecurity processes.
2. Oversee and drive the implementation of the corporate cybersecurity strategy within the scope of SEU Zone and Countries (Spain, Portugal, Italy, Greece).
3. Implement strategic priorities related to cybersecurity according to the Zone Strategic Business Plan and Hoshin-Kanri Breakthrough Targets.
4. Support the identification of mission- and business-critical assets and advise leadership on security posture.
5. Define and execute portfolio security strategies for assets developed in the SEU Zone and Countries.
6. Ensure cybersecurity requirements and best practices are implemented across local and global portfolios.
7. Manage cybersecurity risks in organizational portfolios and operations.
8. Lead local cybersecurity certification and compliance efforts for legal entities in the scope.
9. Support customer requests for security documentation and discussions.
10. Oversee the quality and accuracy of cybersecurity information submitted for customer questionnaires and tenders.
11. Participate in cybersecurity incident and vulnerability handling procedures.
12. Provide cybersecurity expertise and liaise with Siemens Healthineers experts.
13. Monitor regulations and legislation, liaising with authorities as needed.
14. Represent Siemens Healthineers in local security communities within the scope countries.
Requirements:
1. Master's degree in Cybersecurity, Information Security, Computer Science, Business Informatics, or related fields.
2. Relevant professional certifications (CISSP, CISM, CISA, GSLS) are preferred.
3. At least 7 years of experience in cybersecurity or information security, especially in assessing and implementing security measures.
4. Experience with the National Cybersecurity Scheme (ENS) certification in Spain is preferred.
Skills:
1. Strong knowledge of information security frameworks (ISO 27001, Common Criteria), risk management, and regulatory requirements (NIS2, ENS, Cyber).
2. Knowledge of network security, application security, and secure software development principles.
3. Experience with secure operations, including monitoring and incident response.
4. Excellent communication skills for interacting with stakeholders and explaining technical concepts to non-technical audiences.
5. Analytical and problem-solving skills, with the ability to think strategically and manage multiple priorities.
6. Fluent in spoken and written English, capable of discussing technical topics effectively.