Product Security Officer

We are looking for a Product Security Officer. This position is part of the Product Cybersecurity Department, an organizational unit within the company that focuses on ensuring the security of its products and services. This department is responsible for implementing, managing, and overseeing cybersecurity measures specific to the development, deployment, and ongoing support of the company's products.

The primary responsibility of the position involves designing, implementing, testing, and managing security measures to protect computer systems, networks, and data. The role requires a deep understanding of current and emerging cybersecurity threats, as well as the ability to develop, implement, and test robust security solutions.

The Product Security Officer is ultimately responsible for the Privacy and Cybersecurity activities performed in Werfen Clinical Software. He / she interacts with the direction and senior management of the company.

This position is Hybrid (Remote 3 days and Presential 2 days per week).

1. Perform product security and privacy risk assessments.
2. Define the product security roadmap.
3. Ensure alignment between Werfen security and privacy compliance programs and policies and act as a liaison to the Clinical Software departments.
4. Provide guidance for the creation and evolution of the Quality Management System procedures for cybersecurity.
5. Review and approve security-related formal documentation of the products developed by the company.
6. Define security procedures and requirements for the Secure Development Life Cycle.

Education: Engineer, Computer Science or other Technical degree, or equivalent work experience.

Experience: The required work experience for the position is at least 5 years in product security.

The following work experience and qualifications are a plus:

• Strong knowledge of secure coding practices and product security best practices.
• Certifications such as Certified Ethical Hacker (CEH).
• Solid knowledge of SW testing processes and methodologies.
• Knowledge of relevant standards such as ISO 27001.
• Knowledge of medical device regulations.

• Strong analytical and problem-solving skills to identify and address security challenges and vulnerabilities.
• Effective communication skills to convey complex cybersecurity concepts to both technical and non-technical stakeholders.
• Willingness to stay updated on the latest cybersecurity trends, threats, and technologies through continuous learning and professional development.
• Ability to collaborate with cross-functional teams, share information, and work together to enhance overall cybersecurity posture.