Establishment and leadership of the Cyber Security domain with direct reporting line to the Head of Products & EngineeringOverall responsibility for security-related product and process compliance activitiesDevelopment and implementation of the Product Cyber Security strategy for embedded systemsCoordination with group-level and cross-BU security organizationEnsuring compliance with industry-specific standards (incl. IEC 62443, TS 50701, EU CRA)Integration of Security-by-Design into the product development processConducting and coordinating Threat Modeling, risk assessments (TRA), and vulnerability evaluationsLeading PSIRT build-up activities and the Vulnerability Management processSupporting certification and audit processesTraining and coaching of development teamsYour ProfileEducationDegree in Computer Science, IT Security, Electrical Engineering, or equivalentProfessional ExperienceAt least 5 years of experience in Cyber Security plus 3 years of leadership experienceProven experience with Product Security for embedded systemsExperience in regulated industries (railway, medical, automotive, aerospace, or similar)Experience with certification and audit processesIn-depth knowledge of IEC 62443, EU Cyber Resilience Act, and at least one sector-specific standard (TS 50701 or IEC 81001-5-1)Expertise in Secure Development Lifecycle (SDLC) and security testingKnowledge of Embedded Linux, RTOS, Secure Boot, cryptography, and network securityExperience with Threat Modeling (e.g., STRIDE) and TRA methodologyStrategic thinking combined with a hands‑on mentalityStrong communication skills, including with non-technical stakeholdersAbility to translate security topics into risk and business languageAbility to coordinate cross-functionally and drive topics forward, even without direct line authorityFluent in German and EnglishRecruitment agencies cannot be considered for this position.
#J-18808-Ljbffr