We are the Product Security team at Fresenius and are part of the Group Cybersecurity Office (GCSO). You know that securing digital value creation is a multifaceted task? You are technically enthusiastic and have cybersecurity experience in product security or secure development? Then work with us to develop strategies to secure our medical devices and self-developed applications. The exciting thing is that you not only talk about IoT, SaaMD and other terms, but also think about and implement cybersecurity in this context.
Are you prepared to advance Fresenius and help us progress into the new digitalized world? We look forward to hearing from you!
Your assignments
1. Drive the integration and continuous improvement of security practices within the Secure Development Lifecycle (SDLC), ensuring that security is a priority from the initial design phase through to development and post-market
2. Creation and definition of comprehensive security frameworks, policies, procedures, processes, architecture blueprints, and requirements to bolster our product’s cybersecurity posture
3. Actively support in defining and executing the product cybersecurity roadmap, ensuring alignment with business goals and industry best practices
4. Manage relationships and collaborate with internal and external stakeholders across R&D, cybersecurity, marketing, regulatory affairs, and IT, as well as with industry organizations
5. Assess potential synergies, organize assessments, and create reports to inform decisions makers on the current status
6. Elevate the cybersecurity knowledge of product stakeholders by organizing training sessions and sharing best practices
7. Play a key role in group and business communication for managing responses to product vulnerabilities and product security incidents
8. Assist the business in the implementation of cutting-edge secure development tools and conducting product risk assessments to safeguard against emerging threats and fortify product integrity
Your profile
9. Degree in Cybersecurity, Information Technology, or a related field
10. Proven experience in product security or secure development
11. Knowledge of hardware and software development and architecture
12. Strong communication and interpersonal skills for effective collaboration with diverse teams
13. Experiences in R&D, threat modelling, and risk assessments are desirable