Product Security Program Administrator at KION Group

Grand Rapids, Michigan, United States -

Full Time

Start Date

Immediate

Expiry Date

31 Jan, 26

Salary

125000.0

Posted On

02 Nov, 25

Experience

5 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

Skills

Product Cybersecurity, Risk Management, Regulatory Compliance, Threat Modeling, Risk Assessment, Technical Documentation, Cybersecurity Auditing, Industrial Automation, Embedded Devices, Firmware, IT Software Development, Communication Skills, Self-Starter, Process Excellence, IEC 62443, Security Frameworks, Control Systems

Industry

Machinery Manufacturing

Description

This role resides within Dematic’s product security organization, responsible for the security of software and operational technology (OT) solutions used within automated warehouse environments. Dematic is an OEM and Systems Integrator of automated supply chain innovations such as conveyance, robotic mixed-case palletizing, micro-fulfillment centers, autonomous mobile robots, and high-density buffer storage overhead systems. Reporting to the Senior Manager of OT Security, the Product Security Program Administrator will be responsible for the administration of the Product Cybersecurity Design Program (PCDP). Aligned with IEC 62443-4-1, the PCDP is Dematic’s formal process to address product lifecycle security. The incumbent will consult disparate product teams on the required processes, activities, and deliverables relating to the PCDP. The incumbent will align with the process excellence and quality teams to ensure maintenance of the PCDP and regulatory compliance of Dematic products. The incumbent will guide a growing team of risk analysts and security engineers to fulfill day to day task work. The incumbent will embed with matrixed technical teams to research, audit, and produce specifications (i.e. context of use, threat model, risk assessment) resulting in regulatory compliance and risk informed controls engineering. The incumbent will leverage existing processes & standards, will create / update / publish information to supplement and grow the PCDP. The incumbent may assist in research and response to contract, proposal, or RFQ requests. The scope of this role is component & system-wide security for Dematic products & solutions, as applied to warehouse automation equipment, machine controls, software, and networks. The incumbent will provide varying levels of process & technical consultancy to product management, product engineers, and 3rd party vendors to ensure programmatic & technical security requirements for Dematic’s sophisticated industrial automation control products are satisfied. If you are passionate about risk informed engineering, compliance with emerging security regulations, and creating the future in a breakthrough segment of OT cybersecurity, this role is for you! We offer: Job Description Career Development Competitive Compensation and Benefits Pay Transparency Global Opportunities Learn More Here: https://www.dematic.com/en-us/about/careers/what-we-offer Dematic provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training. The base pay range for this role is estimated to be $93,750-$125,000 at the time of posting. Final compensation will be determined by various factors such as work location, education, experience, knowledge, and skills. Tasks and Qualifications: What You Will Do in This Role: Administrate the Product Cybersecurity Design Program (PCDP). Consult disparate product teams on the required processes, activities, and deliverables relating to the PCDP. Execute the risk assessment and design review responsibilities defined within the PCDP tollgates. Champion the risk management framework within the PCDP resulting in secure-by-design products and reusable internal standards. Align with product teams to conduct context of use, threat modeling, and initial risk assessment within Dematic’s existing product catalog. Align with the quality and process excellence teams to drive regulatory security compliance of products. Maintain regular alignment and information sharing with enterprise IT, CTO, R&D, and other functions. Work closely with technical engineering teams to validate / supplement audit findings, derive appropriate technical controls, and produce required security documentation. Apply risk-based methodology to justify risk mitigation or acceptance. Specify controls based on risk informed decision-making accounting for finite resources and business priorities. Contribute & participate in regular scrums, technical design reviews, and regulatory security activities. Balance Dematic’s role as OEM and System Integrator against responsibilities and reasonable expectations of the Asset Owner within the risk management framework to achieve stewardship of finite resources. Convert product & system deliverables into Standards and publish within the PCDP for future reuse. What We Are Looking For: BS/MS in an engineering or computer science field, or 5+ years of industrial automation, networking, electrical engineering, or cybersecurity auditing experience, including technical knowledge of various security frameworks, standards, applications, and applied approaches. Process oriented expertise in risk informed cybersecurity engineering based on best practice and industry standards (i.e. IEC 62443) to produce secure by design products and fulfill emerging regulatory requirements. Experience in security or risk management relating to industrial automation control systems. General knowledge of hardware, embedded devices, firmware, IT hosted software development, and operating systems is required. Possession of excellent verbal and written communication skills within an organizational setting is strongly required. Keen ability to be a self-starter, execute with minimum supervision, and thrive in breakthrough segment of OT cybersecurity. CISSP, CRISC, GICSP, Security+, Network+, or similar certifications. Location & Authorization: This is a hybrid role requiring proximity to one of our U.S. offices (Grand Rapids, MI; Plano, TX; Salt Lake City, UT; or Milwaukee, WI). Applicants must be authorized to work in the U.S. without the need for current or future sponsorship. #LI-DP1 KION brands keep the world moving – globally, regionally, and locally. KION is the Supply Chain Solutions Company. With over 42,000 employees in more than 100 countries, we enable smart, sustainable, and reliable supply chains worldwide - wherever goods are stored, moved, or delivered. KION offers its customers the full spectrum of solutions to make their supply chains future-ready. Our international brands, Linde Material Handling, STILL, and Baoli and our regional brands, Fenwick and OM, stand for outstanding technological innovation, intelligent automation and service excellence in forklift trucks and warehouse equipment. Dematic complements this expertise with state-of-the-art automation technology and AI-supported software solutions that optimize intralogistics across warehousing, production, and distribution. Whether locally or globally – we offer exciting career opportunities in an innovative environment shaped by our core values: Integrity, Collaboration, Courage, and Excellence. Together, we create the magic of supply chain solutions. Join our team – Push it forward.

Responsibilities

The Product Security Program Administrator will manage the Product Cybersecurity Design Program (PCDP) and consult with product teams on security processes and deliverables. They will also guide a team of risk analysts and security engineers to ensure compliance and security in Dematic's automated solutions.