The Head of Product Security is responsible for ensuring the cybersecurity of Liebherr Products/Machines and related digital products throughout their entire lifecycle. The role defines and drives product security strategy, embeds security-by-design into engineering, and ensures compliance with EU product cybersecurity regulations, including the Cyber Resilience Act (CRA) and NIS2, while protecting connected machines, embedded systems, and digital services. Ensuring alignment with business strategies, demands, and risk appetite, working closely with Corporate Product Security Officer, as well as the Product Security Officers/Engineers of Product Segments.Responsibilities:Define and lead global product security strategy, roadmap and execution for construction machines and digital products.Define product security controls (secure coding, vulnerability management, incident response) based on threat modelling and risk appetite.Act as central focal point for product security topics within Corporate Information Security and to internal/external customers for product security matters, risk, regulatory findingsDefine the product security governance framework (policies, standards, controls) and ensure adoption into R&D, engineering, and product lifecycle processesSponsor, build and deploy training, awareness, and support to Engineering teams on security best practices.Ensure product compliance with EU Cyber Resilience Act (CRA), NIS2, and other applicable global regulationsEmbed security-by-design into hardware, firmware, embedded software, and connected platforms.Build, mentor and lead a team of product security experts. Foster collaboration with Engineering teams and across Corporate Information Security domains.Competencies:A degree in Engineering, Cybersecurity, Computer Science, or a related fieldAt least 5 years of experience in product or embedded cybersecurity, including 3+ years in a leadership roleStrong background in embedded systems, connected products, or industrial/IoT securityProven ability to translate regulatory and technical requirements into practical engineering executionSolid knowledge of standards and regulations such as UNECE R155/R156, EU CRA, IEC 62443, ISO 21434, NIST CSFExperience with security testing methods and tools (e.g. SAST, DAST, fuzzing)Strong leadership, communication, and stakeholder management skillsExperience in manufacturing, industrial, automotive, or heavy equipment environments is a strong advantageFluent English required; German and French are a plusOur offer:We offer you a secure job, progressive and family-friendly employment conditions such as flexible working hours, hybrid working and opportunities for further training.Have we awoken your interest? Then we look forward to receiving your online application. If you have any questions, please contact Regina Abou el Naga.One Passion. Many Opportunities.
#J-18808-Ljbffr