Job Summary
">
1. Support the Corporate Product Security Officer in implementing and continually improving product cyber security governance, risk management, and compliance activities across the product lifecycle.
2. Act as a liaison between the product cyber security organization and the central GRC functions to ensure alignment of policies, risk methodology, and reporting structures.
3. Maintain and further develop group-wide product security policies, controls, and governance processes in collaboration with the central GRC unit.
4. Drive transparency for product-related cyber risks through structured identification, assessment, documentation, and tracking in line with enterprise GRC frameworks.
5. Coordinate security-related risk assessments together with the GRC- and Consulting unit, and control maturity evaluations in product development and lifecycle activities.
6. Ensure conformity with cybersecurity-relevant regulatory requirements, such as the EU Cyber Resilience Act, RED, NIS2, or UNECE R155/R156, in alignment with compliance and legal experts.
7. Support product security audits and internal/external assessments to ensure readiness and harmonization with overarching corporate GRC goals.
8. Contribute to executive reporting, KPIs/KRIs, and management steering materials prepared by the Corporate Product Security Officer.
9. Represent product cybersecurity topics in internal working groups, projects, and compliance forums where cross-functional GRC alignment is required.
]
Key Responsibilities
">
10. Degree in Cyber Security, Engineering, Computer Science, Risk Management, or related field.
11. 3+ years of experience in cyber security governance, risk, or compliance, ideally with exposure to product cyber security in regulated industries (e.g. machinery, automotive, aerospace).
12. Practical experience working with or within enterprise GRC units (IT, OT, or Product Security), ideally in a matrix or group structure.
13. Familiarity with norms and standards, like IEC 62443.
14. Knowledge of regulatory frameworks affecting product cyber security, e.g. Cyber Resilience Act, RED, NIS2, UNECE R155/R156.
15. Strong skills in stakeholder coordination and cross-functional collaboration, especially with compliance, legal, IT security, and engineering functions.
16. Structured analytical mindset with experience in risk methodology, control assessments, or audit preparation.
17. Fluent in English; German is a plus.
]
Benefits
">
18. Attractive remuneration and social benefits
19. Flexible and hybrid working
20. Freedom for creative work
21. Company pension scheme
22. Crisis-proof workplace
23. Individual development and training opportunities
24. Employee benefits & discounts
25. Bicycle leasing through salary conversion
26. Healthy & regional catering in the company restaurant
27. Company health management programme
28. EGYM Wellpass
]
About Us
"][