Product Cybersecurity Manager

About The Position

Requirements

• Bachelor’s or Master’s degree in engineering or equivalent experience
• 5+ years of hands‑on experience in software engineering, secure SDLC, system/software architecture, DevSecOps, or technical project management, with at least 3+ years dedicated to cybersecurity in product or platform contexts.
• Experience in regulated industries (medical devices preferred)
• Strong communication skills; able to translate complex security topics for diverse audiences
• Hands‑on experience with threat modeling, security testing, vulnerability management, and secure coding
• Familiarity with Bluetooth/WLAN/TLS, scripting/programming languages, and modern development workflows
• Knowledge of security frameworks (NIST CSF, ISO 27001, MITRE), privacy regulations (GDPR, HIPAA), and medical device regulations (MDR, FDA)
• Proficiency with Windows, Linux, macOS, and collaboration tools such as Confluence, Jira, Polarion, and MS Teams.
• Basic understanding of AI technologies and associated risks
• English fluency required

Nice To Haves

• experience with agentic AI systems is a plus
• Certifications (ISC2, GIAC) are advantageous
• German basics a plus

Responsibilities

• Lead Product Cybersecurity Governance — Execute the global cybersecurity strategy, embed standards and controls across R&D, and ensure consistent adoption of secure‑by‑design practices.
• Drive Secure Product Development — Integrate cybersecurity into the full lifecycle using frameworks such as SPDF, IEC 62304, ISO 14971, and IEC 81001‑5‑1; define and validate security and privacy requirements.
• Facilitate Threat Modeling & Risk Assessments — Lead global teams through structured analysis, mitigation planning, and traceability to controls; escalate material risks when needed.
• Oversee Vulnerability & Post‑Market Security Operations — Monitor signals, coordinate triage, ensure timely remediation, and support incident response readiness.
• Coordinate Cybersecurity Evidence & Compliance — Prepare audit ready documentation, support regulatory submissions, and ensure alignment with global cybersecurity and privacy regulations.
• Manage Security Testing & Supplier Assurance — Plan internal/external testing, analyze findings, drive remediation, and assess third‑party and open‑source cybersecurity risks.
• Enable DevSecOps & Secure Tooling — Support integration of automated security checks, SAST/DAST, and other tooling into CI/CD pipelines.
• Build Cybersecurity Capability Across Teams — Coach R&D and product teams, strengthen security awareness, and cultivate a network of security champions.
• Provide Cross‑Functional Leadership — Advise on risk‑based decisions, influence stakeholders, and contribute to agile development processes and team rituals.
• Support R&D Excellence — Participate in planning and refinement, contribute to onboarding, and share knowledge across communities of practice.

Benefits

• wellness benefit
• paramedical (massage therapist, naturopath, etc.)
• competitive compensation
• variable component
• employer match on pension contributions
• Mentorship program
• career development plans