Head of Product Cyber Security
Publication date:
18 October 2024Workload:
100%Contract type:
Permanent position- Place of work:Nänikon-Greifensee
The Head of Product Cyber Security 100% (all genders) will report to the Head of DBS-Cybersecurity and will collaborate with internal Application Security resources to ensure alignment of the Application Security and Product Cybersecurity strategies at our global operational headquarters in Greifensee, Switzerland.In this role, your responsibilities would include: You are responsible for ensuring that the organization's products and customer-facing digital services are secured from cybersecurity threatsYou are responsible for developing, promoting and governing the appropriate policies and procedures related to product cybersecurity in alignment with the Head of Compliance Circle, Head of Digital Business Services (DBS) Cybersecurity and the Global Process Owner (GPO) Product Lifecycle Management (PLM)You will align with the Head of Compliance Circle to monitor any changes in legislation regarding Cyber Security, and initiate related actions based on changes in the cyber security landscapeYou will align with the GPO PLM to monitor any changes in relevant international standards and respective certification plans, to ensure consistency of the Vulnerability Handling & Disclosure Management with these standards, and to continuously improve MT practices regarding cybersecurity in alignment with the group-wide PLM FrameworkYou will determine and execute the best methods to ensure that Product Developers are aware of all new application security controls during the development lifecycle and continue to monitor for new high risk to deployed products as described belowYou are responsible for conducting cybersecurity assessments of the organization´s products and customer facing digital services. The cybersecurity assessments include the design and implementation of a complete lifecycle process that identifies, evaluates, and prioritizes potential high-risk vulnerabilities (zero-day and others) to the organization's existing products or servicesYou support actively product teams in developing solutions to address vulnerabilities and not only to focus on assessments and controls