This appeals to you

• Being responsible for the security of our software development lifecycle, ensuring that all products (from cloud applications to embedded software) meet necessary security standards and regulations
• Being a member of an R&D security and compliance group, conducting and coordinating activities according to regulations like Cyber Resilience Act or company internal compliance processes
• Conducting risk assessments together with development teams (e.g. based on Threat Modelling, Pen Testing) and define the needed security user stories for further product development
• Supporting the definition of affected processes and best practices within the security environment (SDLC). Continuous improvement of overall organizational processes affected by governance and compliance needs
• Consulting stakeholders (e.g. R&D teams, supply chain, sales) in all areas of security relevant topics from supporting tools to architecture
• Working with compliance team to ensure relevant compliance standards like ISO 27001and NIS2. Supporting internal and external compliance audits
• Supporting sourcing, assessment and audits of external software partners or software component/tool suppliers with focus on contracts, liability, and security