Supply Chain Risk Management Product Owner

At Liebherr-IT Services GmbH, we value the development of individual and entrepreneurial needs and therefore live the flex office: We work in a hybrid model with flexible working hours - both on site and mobile.

Creating passion: your responsibilities

• Governance and program planning: Own and operate the global SCRM process in close collaboration with the Risk Management Product team. Develop and maintain the SCRM process aligned with business needs, security risk appetite and compliance obligations.
• Contractual Security Requirements: Define standard cybersecurity requirements for contracts and collaborate with Legal and Procurement to ensure their adoption for high-risk suppliers.Review and approve exceptions to standard security clauses based on risk-based justifications.
• Supplier Risk Classification and Tiering: Implement supplier risk tiering and classification framework based on criticality, data access, regulatory exposure, and inherent risk. Ensure consistent application of the tiering model and conduct periodic reviews to adjust for changes in the threat landscape.
• Supplier Assessments and Security Assurance: Oversee the planning, scoping, and execution of supplier security assessments, including onboarding and recurring reviews. Manage external assessment providers and ensure timely, high-quality outputs.Track remediation plans for non-compliant suppliers and escalate unresolved risks.
• Operational Oversight: Maintain a central inventory of suppliers with risk tier classification, risk posture, and assessment status. Monitor and ensure SLA adherence of managed service providers conducting risk assessments and audits.Serve as the central point of contact for business units, Legal, Procurement, and Compliance regarding supplier risk issues.
• Continuous Improvement and Reporting: Analyze trends and findings from supplier assessments to drive service enhancements and efficiency. Report key risk indicators and metrics and support internal or external audits related to third-party risk. Support regulatory reporting requirements related to supplier security.

Contributing your strengths: your qualifications

• Bachelor's/Master's in Cybersecurity, Computer Science, or related field.
• 7+ years of working experience in information security, IT security or related roles.
• 5+ years of working experience in medium to large organizations in supply/third party risk management roles.
• Certifications such as CISSP, CISM, CRISC are a plus.
• Strong knowledge of governance frameworks related to supply chain risk management NIST CSF, SP800-161, ISO 27001 as well as Familiarity with VS-NfD and NIST SP requirements.
• Demonstrated experience managing external assessment providers.
• Demonstrated ability to manage stakeholders across IT, OT, engineering, and executive leadership in complex environments.
• Highly desirable: experience in product ownership and service delivery using SAFe (Scaled Agile Framework) or similar agile methodologies.
• Excellent written and verbal communication skills in English and German is a plus.

Our commitment to you: your benefits

As an internationally successful family business, the Liebherr Group offers you a secure job, a unique variety of tasks and exciting development opportunities. Become part of our strong team today and get to know the Liebherr Group as a reliable partner. Profit from these benefits:

• Attractive remuneration and social benefits
• Flexible and hybrid working
• Freedom for creative work
• Company pension scheme
• Crisis-proof workplace
• Individual development and training opportunities
• Employee benefits & discounts
• Bicycle leasing through salary conversion
• Healthy & regional catering in the company restaurant
• Company health management programme
• EGYM Wellpass

Get your own impression of our Oberopfingen site: Liebherr - Imagefilm Standort Oberopfingen - YouTube and find your perfect match in our family business: Liebherr - Finde dein perfektes Match )

Please only use the online application option.

Haben wir Ihr Interesse geweckt? Dann freuen wir uns über Ihre Online-Bewerbung. Bei Fragen kontaktieren Sie bitte Verena Maucher.

One Passion. Many Opportunities.

Das Unternehmen

Die Liebherr-IT Services GmbH mit Sitz in Oberopfingen bei Kirchdorf an der Iller erarbeitet IT-Lösungen für die gesamte Firmengruppe, koordiniert die standortübergreifenden IT-Anwendungen und berät die Gesellschaften der gesamten Firmengruppe in IT-Fragen.

Standort

Liebherr-IT Services GmbH

St. Vitus 1

88457 Kirchdorf/Oberopfingen

Deutschland (DE)

Kontakt

Verena Maucher

---