Vulnerability Management Product Owner (m/f/x)
At Liebherr-IT Services GmbH, we value the development of individual and entrepreneurial needs and therefore live the flex office: We work in a hybrid model with flexible working hours - both on site and mobile.
Creating passion: your responsibilities
- Service Design and Delivery: Define, operate, and evolve VM services: Vulnerability Detection, Response, and Remediation Support. Own the deployment, configuration, and health of vulnerability scanning tools across infrastructure and cloud. Ensure full coverage of IT, cloud, and connected product environments, integrating product vulnerability scanning into development and build pipelines. Confirm OT environments are excluded where required to prevent disruption.
- Risk-Based Prioritization and Response: Integrate threat intelligence (e.g., KEV, EPSS) and business context to triage vulnerabilities. Oversee analysis, risk scoring, and automated ticketing to IT and engineering teams. Incorporate prioritization criteria for product vulnerabilities based on exploitability, customer exposure, and safety impact.
- Remediation Support and Governance: Engage IT and product engineering teams to support timely remediation and mitigation. Govern exception handling (aging, approvals, and reviews). Provide workarounds and zero-day guidance to infrastructure and product owners. Coordinate secure code fixes and firmware updates for product vulnerabilities.
- Process Management and Collaboration: Ensure effective collaboration between IT, SOC, and product engineering through defined workflows. Embed PSVM processes within the software development lifecycle (SDLC) to ensure vulnerabilities are addressed prior to product release. Coordinate with CMDB and asset inventory teams to maintain scan scope integrity.
- Performance Management and Reporting: Define and track KPIs and SLAs for all VM services. Integrate PSVM metrics and status reporting into the overall vulnerability dashboard. Provide risk and exposure reduction trends to security leadership and executives.
Contributing your strengths: your qualifications
- Bachelor’s/Master’s in Cybersecurity, Computer Science, or related field.
- 7+ years of working experience in information security, IT security or related roles.
- 5+ years of working experience in medium to large organizations in specific vulnerability management or product security management roles.
- Certifications such as CISSP, ISSMP, CRISC, or SANS LDR516 are a plus.
- Strong knowledge of governance frameworks related to vulnerability management NIST CSF, Mitre ATT&CK, etc.
- Proven ability to develop and monitor service-level metrics, KPI frameworks, and reporting.
- Demonstrated ability to manage stakeholders across IT, OT, engineering, and executive leadership in complex environments.
- Highly desirable: experience in product ownership and service delivery using SAFe (Scaled Agile Framework) or similar agile methodologies.
- Excellent written and verbal communication skills in English, German is a plus.
Our commitment to you: your benefits
As an internationally successful family business, the Liebherr Group offers you a secure job, a unique variety of tasks and exciting development opportunities. Become part of our strong team today and get to know the Liebherr Group as a reliable partner. Profit from these benefits:
- Attractive remuneration and social benefits
- Flexible and hybrid working
- Freedom for creative work
- Company pension scheme
- Crisis-proof workplace
- Individual development and training opportunities
- Employee benefits & discounts
- Bicycle leasing through salary conversion
- Healthy & regional catering in the company restaurant
- Company health management programme
- EGYM Wellpass
Get your own impression of our Oberopfingen site: Liebherr - Imagefilm Standort Oberopfingen - YouTube and find your perfect match in our family business: Liebherr - Finde dein perfektes Match! (youtube.com)
Please only use the online application option.
Haben wir Ihr Interesse geweckt? Dann freuen wir uns über Ihre Online-Bewerbung. Bei Fragen kontaktieren Sie bitte Verena Maucher.
One Passion. Many Opportunities.
Das Unternehmen
Die Liebherr-IT Services GmbH mit Sitz in Oberopfingen bei Kirchdorf an der Iller erarbeitet IT-Lösungen für die gesamte Firmengruppe, koordiniert die standortübergreifenden IT-Anwendungen und berät die Gesellschaften der gesamten Firmengruppe in IT-Fragen.
Standort
Liebherr-IT Services GmbH
St. Vitus 1
88457 Kirchdorf/Oberopfingen
Deutschland (DE)
Kontakt
Verena Maucher
verena.maucher@liebherr.com
