Siemens Healthineers develops MedTech products that support better patient outcomes with greater efficiencies, giving providers confidence that they need to meet the clinical, operational, and financial challenges of a changing healthcare landscape. With 70,000+ employees Siemens Healthineers is one of the world’s largest suppliers of technology to the healthcare industry. As a global leader in medical imaging, laboratory diagnostics, and healthcare information technology, we have a keen understanding of the entire patient care continuum—from prevention and early detection to diagnosis and treatment.

Brief Description:

The Cybersecurity Management System (CYSMS) is a structured framework of processes, technology, and people designed to protect and manage organizational information assets, covering Information Security and Data Privacy, and is compliant with ISO/IEC 27001:2022. Corporate Cybersecurity oversees the establishment and continual improvement of CYSMS, using a multi-site certification approach to standardize practices across all locations.

As a Senior Information Security Professional, you will onboard new sites globally into CYSMS Multisite certification and maintain their certification through ongoing improvements, audits, and preparation for external reviews.

To successfully implement this multi-site approach, we need YOU!

Key Responsibilities :

You will be working with global team for onboarding new locations across the globe into CYSMS Multisite certification, by performing gap analysis, guiding sites through remediation and process fixes, conducting/coordinating internal audits and management reviews and preparing for external audit.
Main responsibilities are:

• Lead onboarding of new global locations into CYSMS Multisite certification, including gap analysis, remediation, internal audits, and management reviews.
• Maintain ISO 27001 certification across all sites, planning milestones, conducting audits, and ensuring continual improvement.
• Guide information security professionals and coordinators in implementing ISO 27001 controls.
• Coordinate with global Cybersecurity and SHS functions to meet requirements and regulatory standards.
• Conduct regular risk assessments and ensure compliance with ISO 27001 and CYSMS requirements.
• Develop and maintain local security policies and documentation as needed.
• Oversee operational security measures, support incident response, and ensure timely resolution and documentation.
• Follow up on audit recommendations, maintain audit trails, and extend implementation to additional standards (e.g., ISO/IEC 27701, GDPR) as required.
• Monitor and review CYSMS effectiveness, document outcomes, and drive continual improvement.
• Share insights and best practices to support cross-site harmonization and readiness for multi-site ISO/IEC 27001 certification.

What do I need to qualify for this job?

• Bachelor’s degree in engineering, Information Security, Computer Science, or a related field with  10+ years of working experience in Information Security space. Must possess Lead Auditor certification in ISO 27001 standard for at least 5 years. Must have been directly responsible for planning & executing external audits for certifications.
• Proven experience of working as a lead in a global cross-functional organizational setup for 2-3 years.
• Strong understanding of ISO 27001 requirements, information security principles, risk management, IT infrastructure set up and regulatory requirements.
• Previous experience in transitioning a large organization (2000+ employees) from 2013 standard to 2022 standard of ISO 27001 or similar experience is highly preferred.
• Proven experience in implementing ISO 27701 PIMS standards or GDPR (Data Privacy) in a large organization is highly preferred.
• Proven ability to coordinate many stakeholders from various departments to achieve a common result for the organization.
• Excellent communication, presentation and interpersonal skills along with ability to make decisions for complex scenarios and proven ability to handle escalations. Proven ability to report and present to leadership team.
• Familiarity with Software development best practices for ensuring security.
• Previous experience with Governance responsibilities at global level will be preferred. You may be required to travel to global locations on need basis, which is expected to be approximately around 30%-40% a year.
• Shall work in a holistically driven security environment, combination of Information Protection, Cybersecurity, Corporate Security, HR-Security and more

What else do I need to know?

• Familiarity with ISO/IEC 42001 (Standard for AIMS).
• Familiarity with ISO/IEC 22301 (Standard for BCMS)

Siemens Healthineers is dedicated to equality, and we welcome applications that reflect the diversity of the communities we work in. All employment decisions at Siemens Healthineers are based on qualifications, merit and business need. Bring your curiosity and imagination and help us shape tomorrow.

We are looking forward to receiving your online application. Please ensure you complete all areas of the application form to the best of your ability as we will use the data to review your suitability for the role.

What do we offer:

• Variable and Christmas bonus
• Hybrid type of work – combination of work from home & work from office(telework / homeoffice)
• Flexible Working Hours
• Bridge days – free extra paid leave 6 days per year
• 3 sick days per year (no doctor’s permit needed)
• In case of sickness 100% salary reimbursement 20 days/ year, this includes max. 10 days/ year for of family care
• Additional pension plan
• 300 EUR for regeneration of work force via cafeteria system
• Multisport Card – employer's contribution of 10 EUR
• Recognition and Reward program
• Wellbeing program – Psychological, Legal and Financial Councelling
• Family care program (subsidy for newborns, maternity leave, kindergardens, summer camps)
• Retention program (work anniversary, life anniversary, employee loans)
• Training and development program (business and product trainings, e-learning, language courses, soft skills trainings,…)
• Adjustable standing desk as a standard
• Wide project portfolio in healthcare domain and job rotation within company (Cybersecurity, Artificial Intelligence, Healthcare IT services, …)
• Participation on world famous IT conferences like Microsoft IGNITE for best employees

Basic wage component (gross) and other rewards : starting from 3500 EUR brutto /month + VAR*

*We are required by law to disclose basic wage component (minimum salary) for the advertised positions. We carefully consider your professional qualifications and experience in our compensation package and/or when offering you other positions.

Our goal is to pay our employee's fairly, with regard to the market situation and we are ready to welcome high-quality candidates in our team.

How we work:

When you join Siemens Healthineers, you become one in a global team of scientists, clinicians, developers, researchers, professionals, and skilled specialists, who believe in each individual’s potential to contribute with diverse ideas. We are from different backgrounds, cultures, religions, political and/or sexual orientations, and work together, to fight the world’s most threatening diseases and enable access to care, united by one purpose: to pioneer breakthroughs in healthcare. For everyone. Everywhere. Sustainably. Check our Careers Site at https://www.siemens-healthineers.com/sk

As an equal opportunity employer, we welcome applications from individuals with disabilities