- You are responsible for ensuring that the organization's products and customer-facing digital services are secured from cybersecurity threats
- You are responsible for developing, promoting and governing the appropriate policies and procedures related to product cybersecurity in alignment with the Head of Compliance Circle, Head of Digital Business Services (DBS) Cybersecurity and the Global Process Owner (GPO) Product Lifecycle Management (PLM)
- You will align with the Head of Compliance Circle to monitor any changes in legislation regarding Cyber Security, and initiate related actions based on changes in the cyber security landscape
- You will align with the GPO PLM to monitor any changes in relevant international standards and respective certification plans, to ensure consistency of the Vulnerability Handling & Disclosure Management with these standards, and to continuously improve MT practices regarding cybersecurity in alignment with the group-wide PLM Framework
- You will determine and execute the best methods to ensure that Product Developers are aware of all new application security controls during the development lifecycle and continue to monitor for new high risk to deployed products as described below
- You are responsible for conducting cybersecurity assessments of the organization´s products and customer facing digital services. The cybersecurity assessments include the design and implementation of a complete lifecycle process that identifies, evaluates, and prioritizes potential high-risk vulnerabilities (zero-day and others) to the organization's existing products or services
- You support actively product teams in developing solutions to address vulnerabilities and not only to focus on assessments and controls
- You have at least a Bachelor’s degree in Computer Science, Cyber Security or in a related field
- You bring a minimum of 5 years of relevant experience in a combination of the following areas
- Secure Application Development best practices, including application to product development processes
- Application Security tools and principles such as DAST, SAST, integrated scanning, product penetration assessments, vulnerability monitoring and prioritization
- Product Security principles, including hardening of embedded operating systems such as Debian Linux, industrial communications protocol security, network security, API security and application authentication security
- Working knowledge of various product security legislation such as the EU Cyber Resilience Act, NIS 2, and US procurement security requirements such as DFARS
- You have knowledge of common information security management frameworks, such as ISO/IEC 27001, and NIST
- You bring innovative thinking and leadership skills, a high level of personal integrity and the ability to influence people and organizations in a global matrix organization with you
- Furthermore, excellent written and verbal communication skills in English is required
- Flexible working hours (depending on the role), a hybrid work model, and a wide portfolio of training opportunities
- A 40-hour work week with at least 25 vacation days per year, plus 4 to 7 additional days off between bank holidays
- Free parking and direct access to public transport
- Healthy lunches cooked onsite at our own METTLER TOLEDO restaurant, with special prices for employees
- A range of additional attractive benefits, including employee discounts at select area businesses
Have we raised your interest? Then we look forward to receiving your complete application at our Job portal.
If you have any question, please do not hesitate to contact our Talent Acquisition Team ta-ch@mt.com.
Pour ceux qui priorisent la précision, Mettler Toledo est précisément le lieu où se trouve leur place.
Référence
Localisation souhaitée
Job Type
Entité légale