Your Opportunity to Make an Impact

We are seeking a dedicated and experienced Product Solution & Security Officer to join our team and help us safeguard our products and services. As the Product Solution & Security Officer you will be responsible for overseeing and enhancing the security of our products throughout their lifecycle. This role involves collaborating with cross-functional teams to identify and mitigate security risks, ensuring compliance with industry, Dotmatics and Siemens Digital Industries Software Product Solution Security standards, and implementing best practices for product security. We are committed to delivering high-quality products and services to our customers while ensuring the highest standards of security and privacy.

In this role you’ll get to:

• Develop and implement Product Solution Security (PSS) Strategy for respective Organisational Unit which is in line with the Product Solution Security (PSS) and the strategy of the respective business.
• Guide the Product Solution Security Engineers (PSSE) of Organizational Unit, in a matrix environment
• Be responsible for PSS information exchange between the respective Business Unit and Country Business Units.
• Provide regular PSS status updates including; PSS Maturity and risk reports to the Product leadership and the Chief PSSO.
• Deliver on continuous improvement of Product Solution Security (PSS) Maturity
• Conduct security assessments, business impact analysis and vulnerability management on products.
• Collaborate with product development teams to integrate security into the design and development processes.
• Design and deliver reports and metrics on status of security and risk mitigation across a suite of customer-facing products and services, to stakeholders and senior management
• Ensure monitoring and responses to security incidents and vulnerabilities are appropriate to company policies, procedures, and risk appetite by coordinating and guiding task forces.
• Support the business to understand the requirements of security laws, regulations, and standardisations and ensure compliance
• Provide training and guidance to teams on security topics
• Stay updated on the latest security threats, trends, and technologies.

We’re looking for people who have 12+ years experience in product security, cybersecurity, or a closely related role, and hold relevant certifications (e.g., CISSP, CISM, CEH) or degrees (BS or MS in Computer Science, Information Security, or closely related). You will demonstrate excellent problem-solving and analytical skills, advanced communication and interpersonal skills including both technical and executive audiences.

The key skills we are looking for:

• Risk/Security Management: Advanced expertise in identifying information security risks through source code review and secure interaction between code, libraries, languages, APIs, database, and core platform infrastructures (e.g. Tomcat, Java).
• Risk/Security Management: Driving secure-by-design principles throughout the product lifecycle to mitigate vulnerabilities and ensure product integrity.
• Expert hands on knowledge of modern techniques of secure networking and communications in public cloud environments.
• Advanced knowledge OWASP SAMM v2.0 frameworks
• Monitoring and adhering to Cybersecurity Regulatory standards including Executive Order 14028, EU CRA, NIS 2.0, AI Act, and demonstrated means to stay up to date with regulatory changes
• Detailed understanding of security principles, practices, and technologies.
• Expert hands on experience with security assessment tools and methodologies.
• Project Management: Designing and Leading multiple work streams/projects across a wide range of products/organisations
• Cross-Functional Collaboration: Proven ability to work effectively across multiple internal departments and Customer teams. Demonstrating strong technical acumen and leadership to align security practices across diverse business units, while considering differing seniority and technical and non technical audiences