Application Security Expert (m/f/d)

Join Siemens Smart Infrastructure Cybersecurity team as an Application Security Expert and shape how we embed security into every layer of our development and operations ecosystem. You'll work at the intersection of cybersecurity, cloud infrastructure, and DevOps practices-designing and implementing security controls that protect critical infrastructure while enabling teams to move fast and innovate confidently. This role bridges the gap between security strategy and operational reality, ensuring that security becomes an enabler, not a bottleneck.

• Evaluate complex application architectures and integration scenarios, identifying security risks and recommending suitable controls aligned with ISO27001, IEC62443, and industry standards
• Conduct risk assessments and consult business units on mitigating countermeasures, balancing security requirements with business objectives
• Share expertise across the Siemens cybersecurity community, contributing to knowledge development and best practices
• Represent the Smart Infrastructure Cybersecurity team in corporate initiatives and cross‑functional security projects
• Stay current with emerging threats, security frameworks (including AI Security frameworks such as OWASP GenAI and MITRE ATLAS), and cloud security innovations

• A university degree in Computer Science, IT Security, or equivalent professional education
• A minimum of 3 years' experience in application security architecture and endpoint protection
• Strong knowledge of security standards and regulations (ISO27001, IEC62443) and proven ability to translate them into actionable security concepts
• Solid understanding of Microsoft Azure Cloud and Microsoft Power Platform security architectures
• Proficiency in English; German language skills are a valuable asset
• Ability to think strategically while executing tactically—bridging security architecture with real‑world implementation
• Passion for continuous learning and staying ahead of the cybersecurity curve
• Strong communication skills to translate complex security concepts for both technical and non‑technical stakeholders

• Experience with other cloud providers (AWS, Google Cloud) and their security models
• Hands‑on experience securing CI/CD pipelines, container technologies (Docker, Kubernetes), or Infrastructure‑as‑Code frameworks
• Familiarity with AI Security Frameworks and their practical application in modern architectures
• Experience with security automation and tooling in DevOps environments
• Background in critical infrastructure protection or industrial cybersecurity
• Contributions to open‑source security projects or active participation in the cybersecurity community

• An environment where everyone can bring their whole self to work and feel a sense of belonging.
• Hybrid work model to enjoy the best of both worlds: collaborate onsite with colleagues and take advantage of remote flexibility.
• A workplace that values curiosity and guarantees continuous learning, with development opportunities for both personal and professional growth.
• Share matching programs to become a shareholder of Siemens AG.
• A wide range of flexible benefits for you and your family to enjoy. Click here if you want to learn more https://preview.siemens.com/es/es/empresa/empleo/beneficios-de-siemens.html

At Siemens, we value the diversity of our teams, promote equal opportunities, and foster an inclusive work environment. We welcome talent without distinction, respecting and supporting all forms of diversity. Our Equality Plan, in accordance with current legislation, ensures fair and transparent treatment, and reinforces our commitment to building an increasingly equitable and diverse workplace.

#LI-DL #Hybrid