Product Cyber Security Manager (m/f/x)

## Creating passion: your responsibilities – Support the CPSO (Corporate Product Security Officer) in the implementation and continuous improvement of product cyber security governance, risk management, and compliance activities across the product lifecycle. – Act as liaison between the product cyber security organization and the central GRC functions, ensuring alignment of policies, risk methodology, and reporting structures. – Maintain and further develop group-wide product security policies, controls, and governance processes in collaboration with the central GRC unit. – Drive risk transparency for product-related cyber risks through structured identification, assessment, documentation, and tracking in line with enterprise GRC frameworks. – Coordinate security-related risk assessments together with GRC- and Consulting unit, and control maturity evaluations in product development and lifecycle activities. – Support conformity with cybersecurity-relevant regulatory requirements, such as the EU Cyber Resilience Act, RED, NIS2, or UNECE R155/R156, in alignment with compliance and legal experts. – Support product security audits and internal/external assessments, ensuring readiness and harmonization with overarching corporate GRC goals. – Contribute to executive reporting, KPIs/KRIs and management steering materials prepared by the CPSO. – Represent product cybersecurity topics in internal working groups, projects and compliance forums, where cross-functional GRC alignment is required. ## Contributing your strengths: your qualifications – Degree in Cyber Security, Engineering, Computer Science, Risk Management or related field. – 3+ years of experience in cyber security governance, risk, or compliance, ideally with exposure to product cyber security in regulated industries (e.g. machinery, automotive, aerospace). – Practical experience working with or within enterprise GRC units (IT, OT, or Product Security), ideally in a matrix or group structure. – Familiar with norms and standards, like IEC 62443. – Knowledge of regulatory frameworks affecting product cyber security, e.g. Cyber Resilience Act, RED, NIS2, UNECE R155/R156. – Strong skills in stakeholder coordination and cross-functional collaboration, especially with compliance, legal, IT security, and engineering functions. – Structured, analytical mindset with experience in risk methodology, control assessments, or audit preparation. – Fluent in English; German is a plus. ## Our commitment to you: your benefits As an internationally successful family business, the Liebherr Group offers you a secure job, a unique variety of tasks and exciting development opportunities. Become part of our strong team today and get to know the Liebherr Group as a reliable partner. Profit from these benefits: – Attractive remuneration and social benefits – Flexible and hybrid working – Freedom for creative work – Company pension scheme – Crisis-proof workplace – Individual development and training opportunities – Employee benefits & discounts – Bicycle leasing through salary conversion – Healthy & regional catering in the company restaurant – Company health management programme – EGYM Wellpass ## Das Unternehmen Die Liebherr-IT Services GmbH mit Sitz in Oberopfingen bei Kirchdorf an der Iller erarbeitet IT-Lösungen für die gesamte Firmengruppe, koordiniert die standortübergreifenden IT-Anwendungen und berät die Gesellschaften der gesamten Firmengruppe in IT-Fragen.