YourLiebherrCareer Information Security Risk Management Product Owner (mfd

Risk Management Product Ownership & Governance: Define and own the Risk Management Product scope operating model roadmap and KPIs aligned with CIS and GRC strategy. Establish risk governance decision rights committees and escalation paths and ensure risk management is embedded into business and IT decision-making. Drive delivery of Risk Management initiatives with end-to-end coordinating activities milestones and outcomes directly with stakeholders. Enterprise Information Security RiskFramework & Practices: Define and maintain the risk management framework including methodology policy/standard templates workflows risk taxonomy and impact criteria (risk impact matrices) for group divisions companies and systems. Ensure risk practices are standardized measurable and consistently applied.

End-to-End Risk Lifecycle & Risk Register Operations: Operate supported by different information security teams with assigned responsibility for risk management the unified risk register and enable end-to-end risk management activities across group division and company layers including risk identification assessment treatment decisions mitigation tracking POA&Ms exception management and formal risk acceptance. Support business and IT risk owners to ensure traceable ownership and timely risk decisions.

Cross-Product Coordination for Risk Assessments & Monitoring: Coordinate risk-related activities across CIS products and services to ensure consistent assessment of inputs outputs and handoffs. Aggregate and govern follow-up of risks arising from controls assessments internal audits and other security assessments; monitor status drive closure and ensure consistent reporting of residual risk.

Risk Reporting & Executive Oversight: Provide visibility of key risks trends KRIs exceptions and overdue risk decisions through dashboards and reporting. Report risk status and performance to management through relevant committees and governance bodies and drive continuous improvement based on metrics and lessons learned.

• Bachelors or Masters degree in Cybersecurity Computer Science or related field
• 5 years of working experience in information security IT security risk management or related roles.
• Certifications such as CISSP CISM CRISC are a plus.
• Strong understanding of NIST SP 800-39 NIST CSF and ISO/IEC 27005 risk management concepts.
• Experience in regulated industries (e.g. manufacturing defense).
• Experience with a GRC/risk platform (e.g. ServiceNow GRC or similar) power BI and or similar tools for information security risk management reporting.
• Demonstrated ability to manage stakeholders across IT OT engineering and business management in complex environments.
• Good analytical and communication skills to explain risk findings to both technical and non-technical stakeholders.
• Fluency in English (written and spoken) is a must; skills in German would be an advantage.
• Willingness and ability to travel to Liebherr sites worldwide up to 20% of the time (mostly Europe).

At Liebherr we believe people are at the heart of our success. As part of our international team youll enjoy a secure role in a family-owned company that values innovation collaboration and long-term career growth:

• Competitive compensation and benefits package that recognizes your expertise
• Flexible and hybrid working model
• Creative freedom and responsibility to shape processes and solutions in our global transformation
• Continuous learning and development with tailored training and certification opportunities
• Meal vouchers
• Life and accident insurance
• Option to include a premium private health insurance package as part of the flexible remuneration
• A safe stable and international workplace within a trusted family business that invests in people
  

Please only use the online application option.

Please note that we do not accept applications via recruitment agencies for this position.

Have we awoken your interest Then we look forward to receiving your online application. If you have any questions please contact Karoliina Rissanen.

One Passion. Many Opportunities.