IT - Security & Compliance Engineer managing compliance standards and audits at C.H.BECK, a leading media company. Focused on IT security, risk management, and collaboration with various departments.
About the role
- Head of Product Security ensuring cybersecurity for Liebherr’s construction machines and digital products. Leading product security strategy, compliance, and team of security experts.
Responsibilities
- Define and lead global product security strategy, roadmap and execution for construction machines and digital products.
- Define product security controls (secure coding, vulnerability management, incident response) based on threat modelling and risk appetite.
- Act as central focal point for product security topics within Corporate Information Security and to internal/external customers for product security matters, risk, regulatory findings.
- Define the product security governance framework (policies, standards, controls) and ensure adoption into R&D, engineering, and product lifecycle processes.
- Sponsor, build and deploy training, awareness, and support to Engineering teams on security best practices.
- Ensure product compliance with EU Cyber Resilience Act (CRA), NIS2, and other applicable global regulations.
- Embed security-by-design into hardware, firmware, embedded software, and connected platforms.
- Build, mentor and lead a team of product security experts.
- Foster collaboration with Engineering teams and across Corporate Information Security domains.
Requirements
- A degree in Engineering, Cybersecurity, Computer Science, or a related field
- At least 5 years of experience in product or embedded cybersecurity, including 3+ years in a leadership role
- Strong background in embedded systems, connected products, or industrial/IoT security
- Proven ability to translate regulatory and technical requirements into practical engineering execution
- Solid knowledge of standards and regulations such as UNECE R155/R156, EU CRA, IEC 62443, ISO 21434, NIST CSF
- Experience with security testing methods and tools (e.g. SAST, DAST, fuzzing)
- Fluent English required; German and French are a plus
Benefits
- Flexible working hours
- Hybrid working
- Opportunities for further training
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
SAP Senior Security Consultant developing innovative security concepts for SAP environments at Axians, supporting clients with their digital transformation efforts.
Security Engineer at Fonoa enhancing cybersecurity posture, handling incident response, and ensuring compliance. Collaborating with IT, Engineering, and other teams in a hybrid work environment.
Cybersecurity Engineer at Openchip ensuring the security of IT systems and compliance with standards. Collaborating with DevOps and Infrastructure teams to implement best practices and mitigate risks.
Lead strategic implementation of work safety and health protection initiatives at PostFinance. Develop guidelines and provide training while ensuring compliance with safety standards.
Senior Product Security Engineer at Medtronic focusing on cybersecurity for medical device products. Leading vulnerability assessments and coordinating responses to security incidents.
Cybersecurity Engineer defining and governing corporate security architectures at GFT. Collaborating with multidisciplinary teams to ensure robust security protocols and practices.
Information Security Architect specializing in AI risk management at Wolters Kluwer. Enhancing secure adoption of Generative AI across the enterprise while ensuring compliance with industry standards.
Consultor Comercial de Soluções em Cibersegurança para fortalecer vendas na QOS. Traduzir soluções de cibersegurança em benefícios reais, influenciando decisores.
Health and safety coordinator supporting environment, health, and safety for Coca - Cola's Lachine operations. Focus on compliance and training initiatives in a manufacturing setting.