The Software Security Product Owner will be responsible for overseeing and ensuring the security of our industrial client machines throughout their lifecycle, from design to production and deployment.
This role involves identifying, assessing, and mitigating security risks, ensuring compliance with relevant industry standards, and collaborating with cross-functional teams to integrate robust security measures into the product development process.
Key Responsibilities:
Lead the security assessment process to identify the applicable norms/standards, define the scope of the security requirements, and create and maintain the cybersecurity backlog.
Define and agree the machine's product roadmap for the cybersecurity requirements in collaboration with R&D technical leaders, Project Management Office (PMO) and Product Management (PM).
Ensure products meet relevant industry security standards, regulations, and certifications (e.g., ISO, IEC).
Create and maintain comprehensive security documentation for all products, including security protocols, testing results, and compliance records.
Oversee the implementation and validation of security features and patches for existing and new products.
Work in a cross-functional team environment (R&D, Operations, Product Management, etc.) and communicate complex security concepts to non-technical stakeholders.
Define a security training plan and awareness programs for development, engineering, and operational teams.
Lead the certification process of the products against cybersecurity standards.
Act as the primary point of contact for Product Management and customer inquiries and requests related to cybersecurity. Provide timely and accurate responses to their questions and concerns.
Analyse customer requirements and feedback, and map these to existing cybersecurity requirements and the product roadmap. Ensure alignment and identify any gaps or areas for improvement.
Profile / Requirements:
Background in computer science with proven experience in cybersecurity
Background in industrial control systems and embedded systems security
Experience with secure software development practices, threat modelling, and risk management
Knowledge of encryption, authentication, and secure communications protocols
Familiarity with security testing tools and techniques, including penetration testing and vulnerability scanning
Proven track record of implementing and maintaining security frameworks, including ISO 27001, IEC 62443, or similar, with over 3 years of experience. Willingness and capability to deeply study security standards and become an expert is mandatory.
Self-motivated, proactive, and able to work independently with minimal supervision
Familiarity with regulatory requirements and data protection laws (e.g., GDPR, NIST)
Experience with incident response and managing security incidents from detection to resolution is a plus.
Nice to have:
Experience with product lifecycle systems such as Azure DevOps.
Experience with Agile methodologies (Lean development).
Knowledge of DevOps infrastructure administration and maintenance: TeamCity and/or GitLab.
Experience testing in the C# or C++ ecosystem.
Experience with image processing and/or computer vision systems.
Experience with end-to-end testing for systems that integrate AI technologies.
ISTQB-Foundation Level certificate.