Information Security Officer

The Mendix organization at Siemens Digital Industries Software is seeking a proactive and expert Information Security Officer to join our dynamic team. In this critical role, you will be instrumental in safeguarding our information assets, ensuring compliance with evolving regulatory landscapes, and encouraging a robust security culture across the organization. This position offers a significant opportunity to contribute to the integrity and resilience of our digital infrastructure.

As an Information Security Officer, you will be responsible for a range of strategic and operational security initiatives, including:

• →Control design & Operating Effectiveness: Design and evaluate the effectiveness of security controls, assessing their ability to mitigate risks and recommending improvements to ensure they operate as intended and achieve desired security outcomes.
• →Compliance Monitoring & Reporting: Proactively monitor compliance against various security frameworks and regulatory requirements (e.g., NIST, ISO 27001, SOC I & II, C5, ISO 42001). Provide actionable recommendations based on standards and report on progress to relevant stakeholders.
• →Audit Support: Support internal and external audits by gathering, assessing, and providing necessary evidence to demonstrate compliance.
• →Evidence lifecycle management: Manage the entire lifecycle of security evidence, from collection and secure storage to version control and eventual archival, ensuring its integrity and availability for audits and compliance checks.
• →Policy & Standard Development: Research, establish, and maintain robust information security policies, standards, and procedures tailored to specific organizational needs and emerging threats.
• →Security Culture & Communication: Communicate effectively about information security risks, standards, and policy updates, fostering a strong security-conscious culture across the organization.
• →Control Implementation & Maintenance: Collaborate with applicable departments to ensure security controls are effectively implemented, maintained, and continuously optimized.

We are seeking a dedicated professional with a solid foundation in information security and a proactive approach to risk management.

• Experience: 3-5 years of progressive experience in an Information Security, IT Audit, or Compliance role, demonstrating a solid understanding of information security principles and practices.
• Cloud Security Expertise: Solid understanding of security operations, controls, and best practices within cloud environments (e.g., AWS, Azure, GCP). Experience with cloud security frameworks and tools is highly desirable.
• Framework & Regulation Knowledge: In-depth knowledge and practical experience with a range of information security standards, frameworks, and regulations (e.g., ISO/IEC 27001 family, GDPR, SOC 2 Trust principles).
• Enterprise IT Familiarity: Familiarity with enterprise data environments, system integrations, and software development lifecycles (SDLC).
• Certifications: An independent and active information security certification (e.g., CISM, CISSP, ISO 27001 Lead Implementer, CompTIA Security+) is required.
• Analytical & Problem-Solving: Exceptional analytical and problem-solving abilities to perform detailed gap analyses, identify root causes, and develop practical, effective security solutions.
• Communication: Excellent written and verbal communication skills in English, with the ability to articulate complex security concepts clearly to both technical and non-technical audiences.
• Initiative & Collaboration: High level of initiative, self-direction, and the ability to work independently while also being a strong team player and collaborating effectively across departments.

At Siemens, we are committed to fostering an environment where our employees can thrive and make a significant impact. We offer:

• Impactful Role: The opportunity to play a pivotal role in protecting Siemens' critical information assets and ensuring compliance in a rapidly evolving digital landscape.
• Professional Growth: Continuous learning and development opportunities to expand your expertise in cutting-edge information security practices and technologies.
• Collaborative Environment: A supportive and inclusive team environment where your contributions are valued, and collaboration is key to our collective success.

A collection of over 377,000 minds building the future, one day at a time in over 200 countries. We're dedicated to equality, and we welcome applications that reflect the diversity of the communities we work in. All employment decisions at Siemens are based on qualifications, merit, and business need. Bring your curiosity and creativity and help us shape tomorrow.

The salary range for this position is €70,000- €80,000  and this role is eligible to earn incentive compensation. The actual compensation offered is based on the successful candidate’s job-related skills, experience, and relevant education/training. Siemens offers health and wellness benefits to employees; you can access the benefits available in your country via the link: Benefits | Siemens Digital Industries Software.

We invite qualified candidates to apply for this challenging and rewarding opportunity to contribute to a world-class organization.

#LI-LB1 #Saas