Information Security Risk Management Product Owner – m/f/d
Liebherr Group
full-time
Posted on:
Location Type: Hybrid
Location: Madrid • Spain
Visit company websiteExplore more
Tech Stack
About the role
- Leads the design, improvement, and delivery of information security risk management capability
- Defines risk governance and methods and drives end-to-end risk activities
- Coordinates risk assessment and monitoring activities
- Reports key risks and trends to management through relevant committees and governance bodies
- Defines and owns the Risk Management Product scope, operating model, roadmap, and KPIs aligned with CIS and GRC strategy
- Establishes risk governance, decision rights, committees, and escalation paths
- Drives delivery of Risk Management initiatives with end-to-end coordination
- Defines and maintains the risk management framework, including methodology, policy/standard, templates, workflows, risk taxonomy
- Operates the unified risk register and enables end-to-end risk management activities
- Coordinates risk-related activities across CIS products and services to ensure consistent assessment
- Provides visibility of key risks, trends, KRIs, exceptions, and overdue risk decisions through dashboards and reporting
Requirements
- Bachelor’s or Master’s degree in Cybersecurity, Computer Science, or related field
- 5+ years of working experience in information security, IT security, risk management or related roles
- Certifications such as CISSP, CISM, CRISC are a plus
- Strong understanding of NIST SP 800-39, NIST CSF, and ISO/IEC 27005 risk management concepts
- Experience in regulated industries (e.g., manufacturing, defense)
- Experience with a GRC/risk platform (e.g., ServiceNow GRC or similar), power BI and or similar tools for information security risk management reporting
- Demonstrated ability to manage stakeholders across IT, OT, engineering, and business management in complex environments
- Good analytical and communication skills to explain risk findings to both technical and non-technical stakeholders
- Fluency in English (written and spoken) is a must; skills in German would be an advantage
- Willingness and ability to travel to Liebherr sites worldwide up to 20% of the time (mostly Europe)
Benefits
- Competitive compensation and benefits package that recognizes your expertise
- Flexible and hybrid working model
- Creative freedom and responsibility to shape processes and solutions in our global transformation
- Continuous learning and development with tailored training and certification opportunities
- Meal vouchers
- Life and accident insurance
- Option to include a premium private health insurance package as part of the flexible remuneration
- A safe, stable and international workplace within a trusted family business that invests in people
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
risk managementinformation securityIT securityrisk assessmentrisk governancerisk frameworkrisk taxonomyNIST SP 800-39NIST CSFISO/IEC 27005
Soft Skills
analytical skillscommunication skillsstakeholder managementcoordinationdecision makingreportingvisibility of risksexplanation of risk findings
Certifications
CISSPCISMCRISC