Job Description
You'll be focused in
• Being part of security governance, contributing to the Cyber Security Management System (CSMS) framework
• Influencing the way we operate secure software
• As existing regulations are expected to strengthen, especially with regard to autonomous driving, a step-by-step further development of the software development process is also part of your tasks
• Working closely with the product teams to ensure that both the architecture and the development are up to current standards
• Guiding teams to implement technologies such as static application security testing, dynamic application security testing and fuzzing converge here under the keyword "DevSecOps"
• Working with the colleagues involved to develop the process for a secure software lifecycle and continuously optimize it in line with the latest standards (e.g. UNECE R155)
• Advising teams and establishing an expert group of security-savvy developers across all development teams within MAN
In order to succeed, you'll need
• Familiarity in typical security frameworks and best practices (e.g. OWASP, NIST, ISO,...)
• Assist in conducting risk assessments and contribute to risk mitigation strategies
• Assist in monitoring and improving cybersecurity awareness initiatives, adapting strategies as necessary to foster a strong cybersecurity culture within the organization
• Participate in the revision and implementation of security policies to align with industry standards best practices, fostering a culture of compliance across the organization
• Support cross-functional teams to ensure alignment with security objectives and compliance requirements.
