Apply now »

Head of Product Security (m/w/d)

Bulle
Job ID:  80929
Division:  Liebherr International
Company:  Liebherr-International AG
Work area:  Information technology / Software
Country:  CH
Entry level:  Professionals
Salary: 
Type of contract:  full time
Vacancy live date:  asap

The Head of Product Security is responsible for ensuring the cybersecurity of Liebherr Products/Machines and related digital products throughout their entire lifecycle. The role defines and drives product security strategy, embeds security-by-design into engineering, and ensures compliance with EU product cybersecurity regulations, including the Cyber Resilience Act (CRA) and NIS2, while protecting connected machines, embedded systems, and digital services. Ensuring alignment with business strategies, demands, and risk appetite, working closely with Corporate Product Security Officer, as well as the Product Security Officers/Engineers of Product Segments.

 

Responsibilities:

  • Define and lead global product security strategy, roadmap and execution for construction machines and digital products.
  • Define product security controls (secure coding, vulnerability management, incident response) based on threat modelling and risk appetite.
  • Act as central focal point for product security topics within Corporate Information Security and to internal/external customers for product security matters, risk, regulatory findings
  • Define the product security governance framework (policies, standards, controls) and ensure adoption into R&D, engineering, and product lifecycle processes
  • Sponsor, build and deploy training, awareness, and support to Engineering teams on security best practices.
  • Ensure product compliance with EU Cyber Resilience Act (CRA), NIS2, and other applicable global regulations
  • Embed security-by-design into hardware, firmware, embedded software, and connected platforms.
  • Build, mentor and lead a team of product security experts. Foster collaboration with Engineering teams and across Corporate Information Security domains.

Competencies:

  • A degree in Engineering, Cybersecurity, Computer Science, or a related field
  • At least 5 years of experience in product or embedded cybersecurity, including 3+ years in a leadership role
  • Strong background in embedded systems, connected products, or industrial/IoT security
  • Proven ability to translate regulatory and technical requirements into practical engineering execution
  • Solid knowledge of standards and regulations such as UNECE R155/R156, EU CRA, IEC 62443, ISO 21434, NIST CSF
  • Experience with security testing methods and tools (e.g. SAST, DAST, fuzzing)
  • Strong leadership, communication, and stakeholder management skills
  • Experience in manufacturing, industrial, automotive, or heavy equipment environments is a strong advantage
  • Fluent English required; German and French are a plus

Our offer:

We offer you a secure job, progressive and family-friendly employment conditions such as flexible working hours, hybrid working and opportunities for further training.

Have we awoken your interest? Then we look forward to receiving your online application. If you have any questions, please contact Regina Abou el Naga.

One Passion. Many Opportunities.

The company

Liebherr-International AG with its head office in Bulle is the parent company of the Liebherr Group and performs various functions in the areas finance, tax, auditing, legal, insurance, HR, and corporate communication. The Liebherr Group employs nearly 50,000 people worldwide in over 140 countries.​  

Location

Liebherr-International AG

7, Rue Hans-Liebherr

1630 Bulle

Switzerland (CH)

Contact

Regina Abou el Naga

regina.abouelnaga@liebherr.com

Apply now »