Third Party Risk Management Product Owner
Liebherr Group
full-time
Posted on:
Location Type: Hybrid
Location: Kirchdorf/Oberopfingen • Germany
Visit company websiteExplore more
Tech Stack
About the role
- Own and operate the global SCRM process in close collaboration with the Risk Management Product team
- Develop and maintain the SCRM process aligned with business needs, the organization’s security risk appetite, and compliance obligations
- Define standard cybersecurity requirements for contracts and collaborate with Legal and Procurement to ensure their adoption for high-risk suppliers
- Implement a supplier risk tiering and classification framework based on criticality, data access, regulatory exposure, and inherent risk
- Oversee the planning, scoping, and execution of supplier security assessments, including onboarding and periodic reviews
- Maintain a central inventory of suppliers with risk tier classification, risk posture, and assessment status
- Analyze trends and findings from supplier assessments to drive service improvements and operational efficiency
Requirements
- Bachelor’s or Master’s degree in Cybersecurity, Computer Science, or a related field
- 7+ years of experience in information security, IT security, or related roles
- 5+ years of experience in medium to large organizations in supply/third-party risk management roles
- Certifications such as CISSP, CISM, CRISC are a plus
- Strong knowledge of governance frameworks related to supply chain risk management, such as NIST CSF, NIST SP 800-161, and ISO/IEC 27001
- Familiarity with VS-NfD and NIST SP 800-171 requirements
- Proven experience managing external assessment providers
- Excellent written and verbal communication skills in English; German is a plus
Benefits
- Competitive salary and comprehensive benefits
- Flexible and hybrid working arrangements
- Freedom to work creatively
- Company pension plan
- Secure job in a resilient organization
- Individual development and training opportunities
- Employee offers and discounts
- Bike leasing through salary conversion
- Healthy, locally sourced meals in the company restaurant
- Corporate health management
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
cybersecurityinformation securityIT securitysupply chain risk managementrisk assessmentrisk classificationdata access managementregulatory complianceservice improvementoperational efficiency
Soft Skills
collaborationcommunicationanalytical thinkingproblem-solvingorganizational skills
Certifications
CISSPCISMCRISC