Cyber Security Manager Job Description
As a Cyber Security Product Manager, you will play a key role in ensuring the security and integrity of our products. Your responsibilities will include supporting the Corporate Product Security Officer (CPSO) in implementing and improving product cyber security governance, risk management, and compliance activities across the product lifecycle.
You will act as a liaison between the product cyber security organization and the central GRC functions, ensuring alignment of policies, risk methodology, and reporting structures. You will maintain and further develop group-wide product security policies, controls, and governance processes in collaboration with the central GRC unit.
Key Responsibilities:
* Support the CPSO in implementing and improving product cyber security governance, risk management, and compliance activities
* Act as a liaison between the product cyber security organization and the central GRC functions
* Maintain and further develop group-wide product security policies, controls, and governance processes
* Drive risk transparency for product-related cyber risks through structured identification, assessment, documentation, and tracking
* Coordinate security-related risk assessments and control maturity evaluations in product development and lifecycle activities, together with the GRC and Consulting units
* Support conformity with cybersecurity-relevant regulatory requirements, such as the EU Cyber Resilience Act, RED, NIS2, or UNECE R155/R156
* Support product security audits and internal/external assessments, ensuring readiness and harmonization with overarching corporate GRC goals
* Contribute to executive reporting, KPIs/KRIs and management steering materials prepared by the CPSO
Requirements:
* Degree in Cyber Security, Engineering, Computer Science, Risk Management or related field
* 3+ years of experience in cyber security governance, risk, or compliance, ideally with exposure to product cyber security in regulated industries
* Practical experience working with or within enterprise GRC units (IT, OT, or Product Security), ideally in a matrix or group structure
* Familiarity with norms and standards such as IEC 62443
* Knowledge of regulatory frameworks affecting product cyber security, e.g. Cyber Resilience Act, RED, NIS2, UNECE R155/R156
* Strong skills in stakeholder coordination and cross-functional collaboration, especially with compliance, legal, IT security, and engineering functions
* Structured, analytical mindset with experience in risk methodology, control assessments, or audit preparation
* Fluent in English; German is a plus