Supply Chain Risk Management Product Owner

At Liebherr-IT Services GmbH, we value the development of individual and entrepreneurial needs and therefore live the flex office: We work in a hybrid model with flexible working hours - both on site and mobile.Creating passion: your responsibilitiesGovernance and program planning: Own and operate the global SCRM process in close collaboration with the Risk Management Product team. Develop and maintain the SCRM process aligned with business needs, security risk appetite and compliance obligationsContractual Security Requirements: Define standard cybersecurity requirements for contracts and collaborate with Legal and Procurement to ensure their adoption for high-risk suppliers.Review and approve exceptions to standard security clauses based on risk-based justificationsSupplier Risk Classification and Tiering: Implement supplier risk tiering and classification framework based on criticality, data access, regulatory exposure, and inherent risk. Ensure consistent application of the tiering model and conduct periodic reviews to adjust for changes in the threat landscapeSupplier Assessments and Security Assurance: Oversee the planning, scoping, and execution of supplier security assessments, including onboarding and recurring reviews. Manage external assessment providers and ensure timely, high-quality outputs.Track remediation plans for non-compliant suppliers and escalate unresolved risksOperational Oversight: Maintain a central inventory of suppliers with risk tier classification, risk posture, and assessment status. Monitor and ensure SLA adherence of managed service providers conducting risk assessments and audits.Serve as the central point of contact for business units, Legal, Procurement, and Compliance regarding supplier risk issuesContinuous Improvement and Reporting: Analyze trends and findings from supplier assessments to drive service enhancements and efficiency. Report key risk indicators and metrics and support internal or external audits related to third-party risk. Support regulatory reporting requirements related to supplier securityContributing your strengths: your qualificationsBachelor’s/Master’s in Cybersecurity, Computer Science, or related field7+ years of working experience in information security, IT security or related roles5+ years of working experience in medium to large organizations in supply/third party risk management rolesCertifications such as CISSP, CISM, CRISC are a plusStrong knowledge of governance frameworks related to supply chain risk management NIST CSF, SP, ISOas well as Familiarity with VS-NfD and NIST SPrequirementsDemonstrated experience managing external assessment providersDemonstrated ability to manage stakeholders across IT, OT, engineering, and executive leadership in complex environmentsHighly desirable: experience in product ownership and service delivery using SAFe (Scaled Agile Framework) or similar agile methodologiesExcellent written and verbal communication skills in English and German is a plusOur commitment to you: your benefitsAs an internationally successful family business, the Liebherr Group offers you a secure job, a unique variety of tasks and exciting development opportunities. Become part of our strong team today and get to know the Liebherr Group as a reliable partner. Profit from these benefits:Attractive remuneration and social benefitsFlexible and hybrid workingFreedom for creative workCompany pension schemeCrisis-proof workplaceIndividual development and training opportunitiesEmployee benefits & discountsBicycle leasing through salary conversionHealthy & regional catering in the company restaurantCompany health management programmeEGYM WellpassGet your own impression of our Oberopfingen site: Liebherr - Imagefilm Standort Oberopfingen - YouTube and find your perfect match in our family business: Liebherr - Finde dein perfektes Match (youtube.com)Please only use the online application option.Haben wir Ihr Interesse geweckt? Dann freuen wir uns über Ihre Online-Bewerbung. Bei Fragen kontaktieren Sie bitte Verena Maucher.One Passion. Many Opportunities.Das Unternehmen​ Die Liebherr-IT Services GmbH mit Sitz in Oberopfingen bei Kirchdorf an der Iller erarbeitet IT-Lösungen für die gesamte Firmengruppe, koordiniert die standortübergreifenden IT-Anwendungen und berät die Gesellschaften der gesamten Firmengruppe in IT-Fragen.StandortLiebherr-IT Services GmbHSt. Vitus 1Deutschland (DE)KontaktVerena Maucher