Ppp At Liebherr-IT Services GmbH, we value the development of individual and entrepreneurial needs and therefore live the flex office: We work in a hybrid model with flexible working hours - both on site and mobile. /ph2 Creating passion: your responsibilities /h2pulli Governance and program planning: Own and operate the global SCRM process in close collaboration with the Risk Management Product team. Develop and maintain the SCRM process aligned with business needs, security risk appetite and compliance obligations. /lili Contractual Security Requirements: Define standard cybersecurity requirements for contracts and collaborate with Legal and Procurement to ensure their adoption for high-risk suppliers.Review and approve exceptions to standard security clauses based on risk-based justifications. /lili Supplier Risk Classification and Tiering: Implement supplier risk tiering and classification framework based on criticality, data access, regulatory exposure, and inherent risk. Ensure consistent application of the tiering model and conduct periodic reviews to adjust for changes in the threat landscape. /lili Supplier Assessments and Security Assurance: Oversee the planning, scoping, and execution of supplier security assessments, including onboarding and recurring reviews. Manage external assessment providers and ensure timely, high-quality outputs.Track remediation plans for non-compliant suppliers and escalate unresolved risks. /lili Operational Oversight: Maintain a central inventory of suppliers with risk tier classification, risk posture, and assessment status. Monitor and ensure SLA adherence of managed service providers conducting risk assessments and audits.Serve as the central point of contact for business units, Legal, Procurement, and Compliance regarding supplier risk issues. /lili Continuous Improvement and Reporting: Analyze trends and findings from supplier assessments to drive service enhancements and efficiency. Report key risk indicators and metrics and support internal or external audits related to third-party risk. Support regulatory reporting requirements related to supplier security. /li /ulh2 Contributing your strengths: your qualifications /h2pulli Bachelor’s/Master’s in Cybersecurity, Computer Science, or related field. /lili7+ years of working experience in information security, IT security or related roles. /lili5+ years of working experience in medium to large organizations in supply/third party risk management roles. /lili Certifications such as CISSP, CISM, CRISC are a plus. /lili Strong knowledge of governance frameworks related to supply chain risk management NIST CSF, SP800-161, ISO 27001 as well as Familiarity with VS-NfD and NIST SP 800-171 requirements. /lili Demonstrated experience managing external assessment providers. /lili Demonstrated ability to manage stakeholders across IT, OT, engineering, and executive leadership in complex environments. /lili Highly desirable: experience in product ownership and service delivery using SAFe (Scaled Agile Framework) or similar agile methodologies. /lili Excellent written and verbal communication skills in English and German is a plus. /li /ulh2 Our commitment to you: your benefits /h2pp As an internationally successful family business, the Liebherr Group offers you a secure job, a unique variety of tasks and exciting development opportunities. Become part of our strong team today and get to know the Liebherr Group as a reliable partner. Profit from these benefits: /p ulli Attractive remuneration and social benefits /lili Flexible and hybrid working /lili Freedom for creative work /lili Company pension scheme /lili Crisis-proof workplace /lili Individual development and training opportunities /lili Employee benefits discounts /lili Bicycle leasing through salary conversion /lili Healthy regional catering in the company restaurant /lili Company health management programme /lili EGYM Wellpass /li /ul p Get your own impression of our Oberopfingen site: Liebherr - Imagefilm Standort Oberopfingen - YouTube and find your perfect match in our family business: Liebherr - Finde dein perfektes Match! (youtube.com) /p p Please only use the online application option. /ppp Haben wir Ihr Interesse geweckt? Dann freuen wir uns über Ihre Online-Bewerbung. Bei Fragen kontaktieren Sie bitte Verena Maucher. /ppb One Passion. Many Opportunities. /b /ph2 Das Unternehmen /h2p Die Liebherr-IT Services GmbH mit Sitz in Oberopfingen bei Kirchdorf an der Iller erarbeitet IT-Lösungen für die gesamte Firmengruppe, koordiniert die standortübergreifenden IT-Anwendungen und berät die Gesellschaften der gesamten Firmengruppe in IT-Fragen. /ph2 Standort /h2pp Liebherr-IT Services GmbH /pp St. Vitus 1 /pp88457 Kirchdorf/Oberopfingen /pp Deutschland (DE) /ph2 Kontakt /h2pp Verena Maucher /p /p /p /p /p /p /p /p /p