Product Security Officer

City: Eindhoven



Our client is a high-tech machine developer, manufacturer and assembler. This all happens under one roof in the Brainport Eindhoven region. The client is a front runner when it comes to the development of high-tech machinery.



The Product Security Officer is an operational position responsible for ensuring that the client develops its products in compliance with the product security risk management framework and the cross-product security reference architecture. The officer does this by providing advice, design, support, assurance, guidance, and subject matter expertise. It is a cutting-edge position in the sense that it mixes security risk management and architecture-related responsibilities.



  • Contribute to the development, maintenance, and improvements of product security compliance, risk, and assurance means and methods, such as policies, standards, benchmarks, guidelines, assessment tooling, security processes, etc.
  • Contribute to the development, maintenance, and improvements of product security architecture means and methods, such as cross-product security reference architecture and design patterns
  • Execute product security control and risk assessments and drive mitigation in product development processes
  • Register product security risks and exceptions in respective R&D registers
  • Execute and coordinate product security incident and exception management processes
  • Design, and support the design of, solution architecture (including technical and operational aspects) for product security services
  • Support business line programs, product architects, and engineers in solution architecture, design and implementation of security requirements in products and services
  • Provide and contribute to security awareness trainings for specialized topics such as secure software development



  • Bachelor's or master's degree, or an equivalent combination of education and experience
  • Minimum of 5 years of relevant experience in IT security, OT security and information security risk management
  • Proven strong IT and software architecture knowledge and background
  • Proven experience with risk management frameworks such as ISO 27001
  • Vendor-agnostic expertise in IT / software architecture
  • Knowledge of open source software
  • Experience in Linux environments
  • Proven up-to-date experience with vulnerability scanning and/or penetration testing
  • Preferred: proven experience in secure software development and secure programming
  • Preferred: experience with certificates and encryption techniques
  • Preferred: knowledge of virtualization and containerization technologies such as VMware, Kubernetes and Docker
  • Generic security certifications such as CISSP and CISM
  • Specialized security certifications such as CEH, SABSA, GDSA, and GCIH

Personal skills

    • Skill to lead, influence, and negotiate without authority
    • A business-enabling security attitude, as opposed to a business-disabling one
    • Strong analytical skills in combination with common sense
    • Ability to translate risks, threats, and vulnerabilities to business stakeholder level and to drive risk mitigation, dealing with resistance and risk appetite
    • Pro-active and self-motivated attitude
    • Politically aware and sensitive
    • Fluent English (written and verbal)
    • Team player
    • Strong communication and presentation skills
    • Drive to find the root cause of the problem



  • Contribution to the development of state-of-the-art, high-tech systems
  • You work in a very dynamic environment
  • You co-operate in multidisciplinary teams
  • International opportunities
  • A lot of attention to individual performance and talent
  • Excellent remuneration package


Yes! Is this your dream job?!