Product Security Lead
We are seeking an experienced product security professional to lead our global product cybersecurity audit framework.
Key Responsibilities:
* Design and manage the global product cybersecurity audit framework, including methodology, templates, reporting structures, and audit cycles.
* Plan, coordinate, and lead audits across all product divisions and sites worldwide.
* Conduct high-priority and complex audits yourself, especially for critical or high-risk products.
* Lead and guide other auditors across the organization; define audit scopes, review findings, and ensure consistency in execution.
* Evaluate secure development processes, threat/risk analyses (TARA), software update mechanisms, vulnerability and incident handling, and SBOM/HBOM practices.
* Interface with product teams, engineering, compliance, and management to communicate audit outcomes and drive remediation and improvement.
* Report audit results to executive stakeholders and ensure transparency on cybersecurity maturity across the product landscape.
* Monitor and interpret emerging cybersecurity regulations and translate them into audit criteria and updates to the framework.
Requirements:
* University degree in Cybersecurity, Computer Science, Engineering, or similar.
* 7+ years of experience in product cybersecurity or secure product development, with at least 3 years in a lead auditor or audit framework development role.
* In-depth knowledge of cybersecurity standards (IEC 62443, ISO 27001, etc.) and their application to complex technical products.
* Proven ability to lead audit programs at group or enterprise level.
* Auditor certifications (e.g. ISO 27001 Lead Auditor, TISAX, IEC 62443) are a strong plus.
* Confident in engaging with technical and executive audiences across different business units and cultures.
* Fluent in English (spoken and written); German is a plus.
Benefits:
* Attractive remuneration and social benefits.
* Flexible and hybrid working.
* Freedom for creative work.
* Company pension scheme.
* Crisis-proof workplace.
* Individual development and training opportunities.
* Employee benefits & discounts.
* Bicycle leasing through salary conversion.
* Healthy & regional catering in the company restaurant.
* Company health management programme.
* EGYM Wellpass.