Requisition ID: 42595
Job Location(s):Hamburg, DE Neumuenster, DE Ames, IA, US Castel San Pietro Terme, IT Minneapolis, MN, US

JOB DESCRIPTION

Danfoss Power Solutions designs and manufactures a complete range of engineered components and systems. From hydraulics and electrification to fluid conveyance, electronic controls, and software, our solutions are engineered with an uncompromising focus on quality, reliability, safety, and efficiency while reducing or eliminating emissions.
Join us as a Product Cybersecurity Lead (m/f/d) in Europe or the USA (remote work possible) for an exciting opportunity to establish and lead product security initiatives, collaborate with cross-functional teams, and shape the future of cybersecurity at Danfoss Power Solutions.

BACKGROUND & SKILLS

At Danfoss, we believe that a diverse and inclusive workplace fosters creativity, innovation, and a broader perspective in decision-making. When you consider this job posting, do you feel like your profile is not a perfect match? Numerous studies have found that women and people of color are more likely to apply only when they meet all requirements listed in the job posting. Even if you do not check all the boxes, we encourage you to apply anyway. We are curious to find out how you can bring new insights to the role or to Danfoss as an organization.

We are looking forwarding to reading your application if you meet the following criteria:

• 5+ years in cybersecurity, with at least 2 years in product or application security.
• Experience in designing and implementing organizational structures or cross-functional processes.
• Great knowledge of secure software development lifecycle and secure coding principles.
• Experience in assessing and improving the security of legacy products.
• Familiarity with security regulations (NIS 2, RED, MR, CRA) and standards (IEC 62443, ISO 21434, ISO 27000 series).
• Hands-on experience in threat modeling, penetration testing, and incident response.
• Excellent communication skills for technical and non-technical stakeholders.

Preferred Skills:

• Knowledge of ASPICE, CMMi, or similar best practices.
• Experience with security in CI/CD pipelines.
• Knowledge of cloud security (AWS, Azure, GCP).

For further questions, please contact Friederike Gottwald, Talent Acquisition Partner, at +49 40 7367 5131.

LI-FG1

• Establish Product Security Practices: Develop and implement security strategies, policies, and standards.
• Organizational Structure and Setup: Design and implement the product security function and define roles. Align security efforts across business units.
• Transition Strategy for Legacy Products: Assess current cybersecurity posture and develop a transition strategy.
• Risk Management: Perform threat modeling and maintain a risk assessment framework.
• Training and Awareness: Provide security training and promote a security-first culture.
• Product Security Assessments: Conduct security reviews and manage penetration tests.
• Legacy Product Execution: Lead security upgrades and monitor key performance indicators.
• Incident Response: Handle security incidents and communicate findings.
• Compliance and Standards: Ensure regulatory compliance and support audits.
• Tooling and Automation: Manage security tools and automate testing in CI/CD pipelines.
• Collaboration: Work with various internal stakeholders & external stakeholders to integrate security into all product phase & bridge between the centralized software organization and business units