Beschreibung

As a Product Security Officer, you will play a crucial role in ensuring the security of products and services by identifying risks, driving compliance, and collaborating with various teams to uphold security standards throughout the product life cycle.

Anforderungen

• •Master's degree or equivalent combination of education and work experience
• •Minimum 5 years of experience with Bachelor's or Minimum 3 years of experience with Master's in Security Compliance, Risk Management, Cryptography, Product Security, Security Testing & Automation or equivalent
• •Information security management or audit qualifications such as CISM, CISSP, CISA, or CRISC
• •Experience in Health information security management (ISO 27799, ISO/IEC 80001, RMF for DoD, EU MDR, UL 2900)
• •Excellent knowledge of laws and regulations on cybersecurity, privacy, data protection, and breach notification (GDPR, HIPAA, FDA Pre and Post Cybersecurity Requirements, ISO/TS 14265, 21CFR820, SB1386, etc.)
• •Excellent knowledge of ISO27001/2 and NIST Cybersecurity frameworks
• •Practical experience in highly regulated environment (FDA, SOx, Export, Privacy/GDPR, HIPAA)
• •Experience working in a large global organization
• •Excellent understanding of business unit integration into strategic vision
• •Strong interpersonal skills – communication, presentation, ability to influence and lead
• •Motivated, positive attitude, and results-oriented
• •German Citizen
• •Fluent in German and English, additional languages - an advantage
• •Willingness to travel as needed

Aufgaben

• •Report on product security KPIs
• •Collaborate with Quality and Regulatory on product security processes
• •Understand key market regulatory requirements
• •Drive security standards throughout the business
• •Champion product security during the product life cycle
• •Support information security training for product and program managers
• •Identify security risks in the product development life cycle
• •Provide security requirements guidance to cross-functional teams
• •Address customer security requirements in products
• •Offer solutions based on security best practices and regulations
• •Conduct product security risk assessments
• •Develop risk mitigation and control plans for products
• •Ensure completion of static code analysis and penetration testing
• •Communicate risks and mitigation recommendations to senior management
• •Assist in developing customer security documentation and labeling
• •Ensure compliance with General Business Principles and information security policies
• •Support maintenance of external certifications and compliance with guidelines
• •Assist with internal audits and guide external audits for products and services