The Product Cybersecurity Business Process Owner (m/f/d) is responsible for managing and facilitating the integration of cybersecurity processes into the organization's Quality Management Systems. This includes maintaining documentation, tracking changes, coordinating with subject matter experts, and ensuring cybersecurity content is correctly implemented. Also, leads process onboarding, secures stakeholder approvals, conducts training, and promotes compliance across the organization.

Your responsibilities:

Support the Product Security Office (PSO) in onboarding Cybersecurity content into the Quality Management System (QMS)Represent the Cybersecurity Community and support the Product Security Governance Committee (PSGC) in driving its mission and initiativesManage roadmaps and artifacts related to cybersecurity processes, ensuring alignment with PSO and PSGC strategiesPlan and prioritize community capabilities while coordinating stakeholder requirements and driving continuous improvement of cybersecurity processes, tools, and training in alignment with strategic goals and industry standardsLead release planning of PSO/PSGC outputs and deliverables for relevant teams and stakeholdersFacilitate community member onboarding and integration through networking and supportSupport cost planning, budget control, and cost-efficient execution of cybersecurity initiativesPlan and manage resources for PSBPO activities, including research, team expansion, and translationsReport progress and escalate issues to PSO, PSGC, Digital Engineering leadership, and managementAct as liaison between PSO, PSGC, Cybersecurity Community, and broader organization, promoting cybersecurity cultureOwn and manage defined cybersecurity-related processes (SOPs) and ensure proper documentation

Your profile:

Successfully completed an university degree (BA) or vocational training, along with relevant additional qualificationsOver 5 years of experience in medical device security engineering, with a focus on product security in regulated environments, and several years of experience in project and process management is desiredKnowledge of medical device security, FDA regulations, quality control processes, and relevant standards (e.g., IEC 62304, IEC 62443, ISO 14971, NIST CSF).Expertise in threat modeling, risk management, vulnerability management, and cybersecurity testing methods/toolsStrong background in embedded systems security, secure coding, cryptography, and secure boot, with experience in hardware security modules (HSMs)Familiar with secure communication protocols (e.g., TLS, DTLS) and software development best practicesVery good written and spoken English, German desirable

Our offer for you:

There is a lot you can discover at Fresenius Medical Care, because we have a lot to offer. No matter in which field you are an expert (m/f/d) and how much experience you bring with you - for your professional future with meaning:

The option to work on a hybrid basisWhether in front of or behind the scenes - you are helping to make ever better medicine available to more and more people around the worldIndividual opportunities for self-determined career planning and professional developmentA corporate culture in which there is enough room for innovative thinking - to find the best solution together, not the quickest oneA large number of committed people with a wide range of skills, talents and experienceThe benefits of a successful global corporation with the collegial culture of a medium-sized company