(Senior) Product Security Engineer (m/f/d)

At KARL STORZ, we take pride in helping patients through some of the toughest journeys of their lives.
We are making contributions that matter.
Regardless of your role, YOU improve patients’ lives every day.

Get to know us and join our team as

• You are responsible for the cybersecurity risk assessment and all technical decisions related to cybersecurity within the scope of your assigned products over their full lifecycle.
• Drawing on your extensive experience, you ensure that the security architecture of our products aligns seamlessly with global company-wide solutions.
• You perform Data Privacy Impact Assessments for products that process sensitive customer data.
• Leveraging your deep understanding of international regulations in the field of Medical Technology, you ensure compliance of specific products with regulatory cybersecurity requirements (e.g., MDR/FDA) and data protection laws (e.g., GDPR/HIPAA).
• You advocate for “security by design” and “privacy by design” principles in your products and in discussions with stakeholders.
• You observe new threats across multiple products and analyze the need for additional mitigation steps.
• Your proactive approach allows you to swiftly initiate emergency measures when critical threats are identified.
• In your role, you are building the communicative bridge between technical deep dives with developers and reporting to senior management on all matters regarding cybersecurity.

Your Talents

• Completed degree in Computer Science, Informatics, or otherwise acquired knowledge of cybersecurity.
• Successfully worked with product-related cybersecurity and profound knowledge of current security standards, best practices, and procedures.
• Strong knowledge of threat modeling and vulnerability management.
• Knowledge of security-related norms and standards such as ISO/IEC 27001 or IEC 81001-5-1 and other cybersecurity frameworks.
• Proficiency in C or C++, software development concepts, and architecture.
• Knowledge of security-related tools in the field of SCA, DAST, SAST, IAST.
• Methodical and analytical approach.
• Very good knowledge of English.
• Flexible working hours & mobile working: In many areas, working hours and location can be arranged as required.
• 30 vacation days and various special payments.
• Further training opportunities: Open in-house seminar program, extensive e-learning offering, professional development courses, and much more.
• Corporate benefits and bicycle leasing.
• Subsidy for private pension plan and company health management.
• Various childcare options – at the headquarters in Tuttlingen.
• Health, sports, cultural, and leisure activities – offers vary depending on location.