Product Security Officer

Job Summary

We are looking for a Product Security Officer. This position is part of the Product Cybersecurity Department, an organizational unit within the company that focuses on ensuring the security of its products and services. This department is responsible for implementing, managing, and overseeing cybersecurity measures specific to the development, deployment, and ongoing support of the company's products

The primary responsibility of the position involves designing, implementing, testing, and managing security measures to protect computer systems, networks, and data. The role requires a deep understanding of current and emerging cybersecurity threats, as well as the ability to develop, implement and test robust security solutions

The Product Security Officer is the ultimate responsible of the Privacy and Cybersecurity activities performed in Werfen Clinical Software. He/she interacts with the direction and senior management of the company

This position is Hybrid (Remote 3 days and Presential 2 day per week):

• Av. Can Montcau, 7,Lliçà d'Amunt, Barcelona

https://www.werfen.com/en

https://www.werfen.com/en/clinical-software-landing

Key Accountabilities:

• Perform product security and privacy risk assessments
• Define the product security roadmap
• Ensure alignment between Werfen security and privacy compliance programs and policies and acts as a liaison to the Clinical Software departments
• Provide guidance for the creation and evolution of the Quality Management System procedures for cybersecurity
• Reviews and approves security-related formal documentation of the products developed by the company
• Defining security procedures and requirements for the Secure Development Life Cycle.

Minimum Knowledge & Experience required for the position:

• Education: Engineer, computer Science or other Technical degree, or equivalent work experience
• Experience:
• The required work experience by the position is at least 5 years in product security.
• The following work experience and qualifications are a plus:
• Strong knowledge of secure coding practices and product security best practices
• Certifications such as Certified Ethical Hacker (CEH)
• Solid knowledge on SW testing process and methodology
• Knowledge on relevant standards such as ISO 27001
• Knowledge of medical device regulations

Skills & Capabilities:

• Strong analytical and problem-solving skills to identify and address security challenges and vulnerabilities
• Effective communication skills to convey complex cybersecurity concepts to both technical and non-technical stakeholders
• Willingness to stay updated on the latest cybersecurity trends, threats, and technologies through continuous learning and professional development
• Ability to collaborate with cross-functional teams, share information, and work together to enhance overall cybersecurity posture