IT Assurance & Compliance Expert at Siemens Energy

How You’ll Make an Impact

• Responsible to plan, design and performs IT control testing, including managing third-party assessor contractors, to precise standard required by various external frameworks (e.g. NIST Cyber Security Framework, ISO, PS850, PCI-DSS, Data Privacy, HIPAA, others.)
• Partners with the IT Infrastructure and Application teams to evaluate the design and effectiveness of the IT control environment and to develop solutions for remediation tracking
• Directly facilitate and coordinate with internal and external IT auditors
• Provide accurate and timely communications to Global IT Leadership and impacted IT Management to disclose identified IT deficiencies for remediation, including providing recommendations of implementation or modifications to improve compliance and mitigate risks.
• Reviews testing and analyses performed, including assessments completed by contractors, to monitor IT control evaluation results according to internal and external standards
• Supports IT leadership in responding to internal and external queries regarding the IT control environment.
• Upholds the Siemens Energy Code of Conduct.

What You Bring

• [Bachelor’s / Master’s degree in technology
• Minimum 7 years of experience in Information Technology including experience with external supplier management. The ideal candidate would posses a minimum of 4 years in IT Compliance or IT Governance function and proven track record of managing IT audit engagements and requirements, e.g. SOC 1/SOC 2 /ITGC Testing, SOX, PS850, ICFR.
• Solid experience in driving / leading IT control reviews and assessments including senior management presentation delivery and time-saving innovations developed to achieve objectives.
• Strong working knowledge of IT processes, risks, and controls in the computer operations, system development, change control, and security functions.
• Ability to clearly interpret and communicate identified IT threats, risks and impacts to all levels of an organization and manage the resulting remediation.
• Solid project management abilities as well as excellent oral and written communication skills.
• Experience with regulations, policy, standards, procedures or other requirements which requires IT compliance.
• Experience performing IT control assessments in SAP is desired.
• Experience working with ServiceNow, MS SharePoint, and Data Analytics platforms is preferrable.
• Good to have experience with ServiceNow GRC/MetricStream/SAP GRC module.
• Must have: CISA or ISO27001 Lead auditor certification desired.