SHARE YOUR PASSION.

Networking ideas and skills is the prerequisite for redefining mobility. This is only possible with an IT infrastructure that meets the highest demands - especially in the area of IT security. The more complex a system becomes, the greater the risk of cyber-attacks. In order to develop adequate protection measures, we need IT security experts who understand the requirements of demanding users as well as the various functionalities of innovative IT systems. They have to live and breathe all-embracing IT security to develop counter-measures using innovative solutions with passion, personal responsibility, team spirit and attention to detail.

Main Activities and Responsibilities:

• Security incident management (SIM).
  • Handling Security Incidents. This includes investigation, prioritization, routing and escalation of local and global Security Incidents · Security Incident related information dissemination.
  • Create action plan for  Security Incidents
  • Operational Manager SIH is the single point of contact for the management.
  • Conducts lessons learned for Security Incidents with high priority.
  • Manage phases of SIM - · Detect · Triage · Response.
  • Triggering the Response Activities (if possible by an Incident ticket)· Coordination of Response Activities · Explanation of gathered information (follow-up on questions) · Preparation of documentation · Collection. of evidence · Checking that mitigation, recovery and fix are sufficient (at least for high priority Security Incidents).
  • Information and notification of affected parties via defined communication channels · Hand over Information to the Info-Manager (if helpful).
  • Coordination of all tasks to handle the global/Regional Security Incident especially between the local Application responsibilities.
• Vulnerability management.
• • Shall be conversant with scanning tools like Nessus and Thor.
  • Vulnerability Alerting and forwards this information to the responsible parties within BMW to perform steps (RBS-Risk based security Feeds and Vendor Specific Alerting).
  • Support Vulnerability Scanning, Alerting, SIHP, etc.
• Security architecture support for software development.
  • Advises the software products to design the security system and advices on appropriate components to add.
  • Support and advice on the results of Pen Testing, Host Assessement, Code Check, Threat Modelling, System hardening, ITSN Conformity.
  • Support on the eGRC Requirements, like PIA, ICL.
• Cloud Security Specialist (AWS).

Qualifications and Experience:

• Minimum 12 Years of Experience in IT Product development including minimum 5 years of experience in Cyber security Specialist hands on roles.
• Graduation in Engineering in the IT Domain.
• Diploma/ or more in cyber security related courses preferred.
• AWS Security Certification.
• Should be able to communicate seamlessly with stakeholder, strong stakeholder management skills required.

Are you looking for an exciting challenge? Then join our team. We look forward to receiving your application.