Product Security Engineer (m/f/d) at Fresenius Medical Care
63877 Sailauf, Germany
Full Time


Start Date: Immediate
Expiry Date: 27 Nov, 25
Salary: 0.0
Posted On: 28 Aug, 25
Experience: 5 year(s) or above
Remote Job: Yes
Telecommute: Yes
Sponsor Visa: No
Skills: Good communication skills
Industry: Information Technology/IT

Description

In your role as Product Security Engineer (m/f/d) you will be responsible for integrating and maintaining robust security practices within the product development process, ensuring that security risks are managed effectively and that products are resilient against potential threats.
This position plays a critical operational role in the implementation and execution of the Product Security Program across the global product portfolio, including active, nonactive, and digital products. The function supports the Product Security Officer by applying cybersecurity principles in day-to-day development activities, coordinating post-market assessments, documenting risks, and ensuring the application of defined processes and controls in alignment with regulatory requirements and internal standards.
You will work closely with engineering, design quality, regulatory, and post-market teams to help embed security by design, support vulnerability handling, and contribute to continuous improvement of the product security framework.

Responsibilities
  • Provide hands-on security engineering support across the Water Systems product family, including embedded controllers, IoT components, and connected digital services
  • Partner with R&D to integrate cybersecurity controls early in the development lifecycle, including, but not limited to, secure boot, encrypted communication, and access control mechanisms
  • Perform security design reviews, support code-level mitigation efforts, and contribute to validation of security features for WTS products and related platforms
  • Serve as the technical point of contact for security topics related to WTS products, connectivity modules, and system interfaces
  • Contribute to the operational execution of the Product Security Program within the assigned portfolio, ensuring alignment with internal frameworks and regulatory requirements (e.g., FDA, MDR, IEC 81001-5-1)
  • Support vulnerability handling and coordinated disclosure processes, including triage, remediation tracking, and external communication preparation
  • Participate in post-market surveillance of cybersecurity issues, including analysis of incidents and integration of lessons learned into the development process
  • Maintain product-specific cybersecurity documentation, metrics, and audit-ready records
  • Develop and maintain cybersecurity plans (e.g., Cybersecurity Management Plan) throughout the product lifecycle
  • Perform or support threat modeling, attack surface analysis, and cybersecurity risk assessments in accordance with regulatory expectations and internal documentation
  • Assist in defining risk mitigations and evaluating residual risks to support design decisions and regulatory justifications
  • Contribute security input to product roadmaps, change impact assessments, and submission dossiers
  • Participate in medical device cybersecurity events/conferences