Job Opportunity
We are seeking an experienced Cyber Security professional to join our team as a Product Security Manager. In this role, you will be responsible for supporting the implementation and continuous improvement of product cyber security governance, risk management, and compliance activities across the product lifecycle.
This involves liaising between the product cyber security organization and the central GRC functions, ensuring alignment of policies, risk methodology, and reporting structures. You will also maintain and further develop group-wide product security policies, controls, and governance processes in collaboration with the central GRC unit.
Additionally, you will drive risk transparency for product-related cyber risks through structured identification, assessment, documentation, and tracking in line with enterprise GRC frameworks. Your responsibilities will include coordinating security-related risk assessments together with GRC- and Consulting unit, and controlling maturity evaluations in product development and lifecycle activities.
* Key Responsibilities:
* Support the implementation and continuous improvement of product cyber security governance, risk management, and compliance activities.
* Liaise between the product cyber security organization and the central GRC functions.
* Maintain and further develop group-wide product security policies, controls, and governance processes.
* Drive risk transparency for product-related cyber risks.
* Coordinate security-related risk assessments and control maturity evaluations.
Requirements
To be successful in this role, you will require a degree in Cyber Security, Engineering, Computer Science, Risk Management, or a related field. You should have at least 3 years of experience in cyber security governance, risk, or compliance, ideally with exposure to product cyber security in regulated industries.
Practical experience working with or within enterprise GRC units (IT, OT, or Product Security) is essential, ideally in a matrix or group structure. Familiarity with norms and standards, such as IEC 62443, is also required. Knowledge of regulatory frameworks affecting product cyber security, including the Cyber Resilience Act, RED, NIS2, UNECE R155/R156, is necessary.
You should possess strong skills in stakeholder coordination and cross-functional collaboration, especially with compliance, legal, IT security, and engineering functions. A structured, analytical mindset with experience in risk methodology, control assessments, or audit preparation is also essential.
* Required Skills and Qualifications:
* Degree in Cyber Security, Engineering, Computer Science, Risk Management, or a related field.
* At least 3 years of experience in cyber security governance, risk, or compliance.
* Practical experience working with or within enterprise GRC units.
* Familiarity with norms and standards, such as IEC 62443.
* Knowledge of regulatory frameworks affecting product cyber security.
* Strong skills in stakeholder coordination and cross-functional collaboration.
* Structured, analytical mindset with experience in risk methodology, control assessments, or audit preparation.
Benefits
As a valued member of our team, you will enjoy a range of benefits, including attractive remuneration and social benefits. Flexible and hybrid working arrangements will allow you to balance your work and personal life. You will also have the opportunity to participate in individual development and training programs, as well as access to employee benefits and discounts.
Our company offers a secure job, a unique variety of tasks, and exciting development opportunities. We value the development of individual and entrepreneurial needs and live the flex office model. Our goal is to create a workplace that is crisis-proof and supportive of our employees' well-being.
* Employee Benefits:
* Attractive remuneration and social benefits.
* Flexible and hybrid working arrangements.
* Individual development and training opportunities.
* Employee benefits and discounts.