Senior Cybersecurity Researcher: Detection & Response
SIEMENS, Princeton. Update time: November 7, 2022
Job Description
Here’s the right opportunity for you! We are looking for a Senior Key Expert for Research in Industrial Cybersecurity with a focus on Attack Detection and Incident Response to join our research team in Princeton, NJ! In this role, you will focus on attack detection and incident response for industrial assets and environments. A key focus of our research in industrial detection and response is to support our Business Units to create revenue streams in this topic. Hence, this is not a position focusing on protecting our own assets and networks, but a research role with a clear focus on supporting the Siemens business units in advancing external business opportunities and product features.

The right person will have a strong background in industrial Cyber Defense (attack detection, vulnerability management, and incident response with an industrial focus), and a strong track record in incident forensics focused on IT and OT assets and networks, as well as expertise in Vulnerability Management, general Cybersecurity, and Security Testing, and an excellent overview of existing tools and technology to support attack detection, incident handling, and general security monitoring (especially SIEM tools), as well as a solid understanding of operations technology (OT), ideally in the energy or industrial control space. We also require a background in software development to guide teams in creating convincing PoCs. Note that this is a technical expert role, so strong technical expertise and hands-on experience is a hard requirement.

Your Role

In this role, you will:

- Drive and support cyber defense research projects and activities by focusing on data flows and data analysis, to develop solutions for challenges such as:
  - How to ensure that Siemens industrial devices generate relevant data that supports better attack detection and response orchestration, and enables meaningful forensics?
  - How to support data collection and appropriate filtering / pre-analysis on edge devices to improve speed, accuracy, and efficiency of centralized OT-SOCs?
  - How to improve efficiency and accuracy of forensics on industrial data and networks?
  - How to create meaningful attack detection and incident response playbooks, and increase automation in incident response orchestration for industrial networks and assets?
  - How to test cyber defense capabilities with ideal coverage and efficiency, and generate relevant attack artifacts (Breach & Attack Simulation)?
  - How to enable meaningful low-cost cyber defense solutions for industrial environments?
  - How to develop modular attack detection and response capabilities?

  Projects will require developing research ideas, scouting existing technology and prior art, and generating PoCs using professional software development processes.
- Support Siemens Business Units in building incident response and forensics capabilities for industrial customers
- Devise and execute research projects in the area of reverse engineering / improving assistance for analysts seeking to respond to suspected cyber-attacks on industrial assets
- Create solutions for automatic analysis of software and firmware, e.g., to generate/verify an SBOM, or to facilitate firmware analysis
- Support and improve in-depth security testing of industrial devices, including analysis of network traffic, as well as modification of network traffic to assess susceptibility of assets to cyber-attacks
- Advance integration of cyber defense capabilities into smart automation
- Develop concepts and transfer research results into Siemens products to improve Siemens products’ Cyber Defense readiness
- Support business development for the team by exploring customer demand, business opportunities, and collaboration potential with and for Siemens Business Units, as well as joint research projects with external entities (e.g., for government funded research projects)
- Support research and consulting projects in the areas of cyber defense, monitoring and attack detection, and security testing, including software / PoC development, and supervision of junior staff, interns and internal contractors
- Publish and present novel ideas and techniques at selected journals and conferences.

The Candidate

Qualified candidates will have:

- 7+ years of hands-on experience in IT and/or industrial cyber defense, including attack detection, incident response, and incident forensics
- Sc. in Computer Science, Information Security, Mathematics, or another relevant field required
- Proven track record in cybersecurity research (e.g., through publications, talks, or other activities) required
- Technical and hands-on knowledge & experience in current attack methods, cyber defense approaches and tools (including threat hunting), incident response and forensics (ideally with proven track record in orchestration and/or automation), as well as cyber threat intelligence preferred
- Ability to understand, find, identify, verify, and explain attacker activity, as well as its impact on industrial environments.
- Review and ensure the secure configuration of OS and network devices.
- Certifications such as CISSP, CISM, CEH, and SANS GIAC certifications (such as GCDA, GCTI, GRID) are a plus but not required
- Software development experience in professional environments required
- Proficiency in a scripting language like Python, PowerShell, Lua, or Bash.
- High work ethics and sense of ownership for the delivered results
- Excellent communication skills in English required, German or Spanish a plus
- Willingness to travel, up to 20% (domestic/international)

What do we offer?

Our team is part of Siemens Technology (T), which is Siemens’ central Research & Development department.
The team is composed of consultants, innovators, engineers, and researchers who are united by a passion for cybersecurity and for securing our customers’ assets and networks, in domains such as control systems used in energy utilities that are part of the nation’s critical infrastructure, smart factories, building automation systems, intelligent transportation systems, healthcare, and innovative new products and solutions developed by Siemens. Our close contact with all our business units in Siemens provides the opportunity to contribute to and gain experience in real industrial applications.

Our research team is located in beautiful Princeton, NJ, a university town packed with exceptional international talent that provides a unique feel of this true cultural gem in the state. The town has plenty of activities to offer, but for those looking for more, NYC or Philadelphia is just about a 1h drive away. We have the best public schools in the country and all of the above glued together by a very active and welcoming community. We also offer generous remote working options and flexible workdays, unlimited PTO, as well as robust health and wellness benefits to promote healthy living and support the best lifestyle for you and your family.

As Siemens’ central Research & Development department, we embrace this community. Our core mission is to support our Siemens business units as a central knowledge hub for all cybersecurity capabilities globally. We research and develop new and innovative solutions, based on much-needed deep technical expertise, and our network with internal and external experts and academia. This allows us to invent new solutions and approaches, and verify their feasibility in the “real world” together with the product development teams of our business units, creating a stimulating setup for quick innovation cycles and rapid prototyping.

The role of Cybersecurity Researcher within Siemens offers you the opportunity to support the transition of research results into industrial products, and to break & fix industrial assets to ensure security. We are not focused on executing project after project; our role is to understand customer and business unit pain points and problems, and devise innovative solutions to improve effectiveness, efficiency, coverage, and reduce risk of testing in industrial environments. Being researchers, our employees are encouraged to be active members of the national and global cybersecurity community, which includes visiting relevant conferences, publishing results, and engaging with academia, national labs, and other partners in joint research projects. We support employees’ growth with a continuous paid training plan, and enable career growth within our team, as well as into the larger Siemens company.

Join Us

We are more than employees; we are actively helping to make people’s lives a little better every day. Would you like to be a part of that? Then join us. We offer you a high level of practical relevance as well as an opportunity to individually contribute your knowledge and your visions around the world. Whether you’re helping to develop products for the operating units or working in interdisciplinary projects for the business areas: At Siemens Technology you’ll be working in the heart of Siemens’ technological research together with the best.

Successful candidate must be able to work with controlled technology in accordance with US Export Control Law. US Export Control laws and applicable regulations govern the distribution of strategically important technology, services and information to foreign nationals and foreign countries. Siemens may require candidates under consideration for employment opportunities to submit information regarding citizenship status to allow the organization to comply with specific US Export Control laws and regulations.
Additional information on the US Export Control laws & regulations can be found on http://www.bis.doc.gov/index.php/policy-guidance/deemed-exports/deemed-exports-faqs?view=category&id=33#

Equal Employment Opportunity Statement

Siemens is an Equal Opportunity and Affirmative Action Employer encouraging diversity in the workplace. All qualified applicants will receive consideration for employment without regard to their race, color, creed, religion, national origin, citizenship status, ancestry, sex, age, physical or mental disability unrelated to ability, marital status, family responsibilities, pregnancy, genetic information, sexual orientation, gender expression, gender identity, transgender, sex stereotyping, order of protection status, protected veteran or military status, or an unfavorable discharge from military service, and other categories protected by federal, state or local law.

EEO is the Law

Applicants and employees are protected under Federal law from discrimination.

Pay Transparency Non-Discrimination Provision

Siemens follows Executive Order 11246, including the Pay Transparency Nondiscrimination Provision.

California Privacy Notice

California residents have the right to receive additional notices about their personal information.

Organization: Technology
Company: Siemens Corporation
Experience Level: Experienced Professional
Full / Part time: Full-time
