The Product Security Expert (f/m/d) plays a critical operational role in the implementation and execution of the Product Security Program across the global product portfolio, including active, nonactive, and digital devices. The function supports the Product Security Officer by applying cybersecurity principles in day-to-day development activities, coordinating post market assessments, documenting risks, and ensuring the application of defined processes and controls in alignment with regulatory requirements and internal standards.
The function works closely with engineering, design quality, regulatory, and post-market teams to help embed security by design, support vulnerability handling, and contribute to continuous improvement of the product security framework.

Execution of the Product Security Program

• Maintain and continuously update the Cybersecurity Risk Register for all products in the portfolio
• Execute the Post-Market Surveillance process for cybersecurity, including analysis of security-related complaints, incidents, and vulnerabilities
• Operate the Coordinated Vulnerability Disclosure and Incident Response process, including triage, coordination, tracking, and documentation.
• Act as the primary coordinator for product-related cybersecurity activities, working closely with R&D and system engineering teams to ensure secure product development
• Contribute to the development and rollout of cybersecurity-related policies, SOPs, and guidelines, ensuring alignment with the overall QMS and evolving regulatory requirements

Product-Level Security Planning

• Define and maintain Cybersecurity Management Plans and Security Verification Plans for CE products throughout the development lifecycle
• Support Security Risk Management activities, including threat and risk analysis, countermeasure definition, and evaluation of residual cybersecurity risks
• Support the preparation of risk/benefit assessments for cybersecurity risks to enable informed decision-making and documentation
• Collaborate in product roadmap planning, contributing cybersecurity input and supporting alignment with the state of the art in security technologies and practices