Cybersecurity Architect

Cybersecurity Architect – Overview

As a Cybersecurity Architect, you will play a pivotal role in shaping and strengthening the organization’s cybersecurity posture. The role translates governance intent into actionable, measurable, and technically feasible security designs, and serves as the technical backbone and content authority for cybersecurity across Foundational Technologies (FT).

Foundational Technologies (FT) provides the technical foundation for Siemens Xcelerator on the journey toward becoming ONE Technology Company. The FT CYS strategy aligns with Siemens’ overall cybersecurity strategy and is based on industry standards such as the NIST CSF v2, ISO 27001, and IEC 62443.

• Shape and strengthen the cybersecurity posture of the organization.
• Translate governance intent into actionable, measurable, and technically feasible security designs.
• Serve as the technical backbone and content authority for cybersecurity across FT.
• Drive the adoption and implementation of NIST CSF v2.0 by defining actionable, technically sound baselines and patterns.
• Translate Siemens Corporate Cybersecurity standards (e.g., SC236) into FT‑specific architecture and technical controls, ensuring consistency across cloud, on‑premise, and research environments.
• Develop and maintain the FT cybersecurity baseline, defining the minimum technical requirements for asset management, vulnerability management, and incident response.
• Identify and address content or integration gaps between Corporate Cybersecurity and FT departmental services to improve alignment and reduce redundancies.
• Create and maintain a technical security backlog and roadmap, ensuring continuous improvement of FT’s cybersecurity posture.
• Act as the technical liaison to Corporate Cybersecurity architects.
• Partner with Cybersecurity Officers across FT units to enable consistent implementation and measurement of the security baseline.
• Support key initiatives in asset discovery, vulnerability remediation, and incident management, including architecture reviews and tool enablement.
• Represent FT on relevant internal cybersecurity architecture forums.

• Master’s degree in Computer Science, Information Security, or a related field.
• Relevant certifications such as CISSP, CCSP, CCSK, GDSA, SABSA, or SCP.
• Confirmed long‑term experience in cybersecurity architecture and strategy.
• Ideally, prior work in engineering, R&D, or administration/operation of IT/OT.
• Validated hands‑on implementation experience with cybersecurity controls across the technology stack, including on‑premise, edge, cloud (AWS and Azure).
• Confirmed professional experience in information security with sound knowledge in risk, vulnerability, and incident management and reporting.
• Must have previous experience supporting as technical lead for Vulnerability Management programs.
• Solid understanding of NIST CSF v2.0 and cybersecurity maturity models.
• Experience working with cross‑functional teams including product architects and infrastructure managers to handle operational cybersecurity risks.
• Ability to identify security gaps and define actionable roadmaps.
• Familiarity with corporate cybersecurity frameworks and enterprise risk management.
• Collaborative and communicative, able to work across departments and with senior leadership.
• Fluent in English (German is a plus).

• An attractive remuneration package.
• Hybrid working:
  Achieve a balanced work‑life balance with flexible working arrangements.
• Pension plan:
  Secure your future with a generous pension scheme, with employer contributions up to 10%.
• Time off: 26 days of annual leave (plus bank holidays), with the option to buy or sell an additional 5 days.

We are fully committed to providing equal opportunities and building an inclusive workplace where a broad range of backgrounds and perspectives thrive. We embrace the many ways people think, learn, and experience the world—and we know that diverse minds drive innovation. To support you during the application and interview process, please let us know if you have any specific requirements.