Software Cyber Security Lead

Shape the future of tomorrow's cash cycle with us. As an innovator, market leader and trusted partner of central banks and the entire currency industry, we at G+D Currency Technology develop state-of-the-art systems for banknote processing, invest in automation and increase the security and efficiency of the entire cash cycle with our digital cash management and cash logistics solution portfolio.

As being the Cyber Security Lead within R&D Software Solutions you will design, drive and oversee all of our security measures across our development process, toolchain, practices and products, ranging from real-time software to our Azure-based cloud platform and software solutions. Together with the Software Engineering Excellence Lead and the Software Quality Assurance Lead, you form the center of Software Engineering Excellence to continuously strengthen our best-in-class software development teams, spanning across Munich and Gurugram, focusing on efficiency and effectiveness to meet our business goals.

You take responsibility for the Secure Software Development Lifecycle based on the OWASP-SAMM model. Working with senior leadership, cross-functional teams, established security champions and corporate security, you'll drive security innovation while ensuring our solutions meet cybersecurity and compliance requirements. Security by Design and Security by Default are at your heart.

This strategic role requires a strong background in cybersecurity, broad technical knowledge and leadership skills to continuously foster our security excellence and stay ahead of emerging security threats in an ever changing and fast paced environment to achieve our business goals.

• Responsibility for the cyber security of software development across the development sites in Munich and Gurugram: You ensure that all software products and services are developed according to the highest security standards and follow Security-by-Design and Security-by-Default principles.
• Implementation and management of the Secure Software Development Lifecycle SSDLC: You will establish and monitor processes and measures along the entire development cycle in accordance with the OWASP SAMM model.
• Security awareness and training: You promote security awareness in the development teams through trainings, workshops and targeted knowledge transfer.
• Security architecture and reviews: You will advise teams on the secure architecture and threat modelling of software solutions and conduct regular security reviews and threat assessments.
• Automation of security checks: With the DevSecOps team, you will integrate security tools (e.g. SAST, DAST, Dependency Scanning) into the CI/CD pipelines and ensure automated security checks.
• Incident management and response: You will develop and improve processes for the secure handling of security incidents and related response.
• Close collaboration: You closely work together with Development, QA, DevOps, IT Security and other stakeholders across locations.
• Monitoring and reporting: You will regularly measure and report on the maturity level of software security and derive targeted improvement measures from this.

• Master's degree in computer science and several years of demonstrable experience in the field of software security across different technologies.
• Sound knowledge of the Secure Software Development Lifecycle and practical experience with the OWASP SAMM model.
• Strong understanding of security standards and compliance frameworks (e.g. SOC2 Type 2, ISO 27001, BSI, CRA, DORA, PCI DSS).
• Deep technical understanding of software development (e.g. C, C++, C#, Java, Python) and cloud environments (Azure).
• Experience with security tools such as static/dynamic code analysis, vulnerability scans and dependency management.
• Excellent communication and consulting skills as well as the ability to convey complex Security topics in an understandable way.
• Analytical and strategic thinking with a high level of initiative and assertiveness.
• Very good written and spoken German and English skills.

• You can freely choose your working hours between 6 a.m. and 10 p.m., work on a mobile or on-site basis at times and - if you wish - work on a Saturday instead of during the week
• With regular, mutual and appreciative feedback, we support you in your individual development and learn from you in the process
• You benefit from an active work-life balance, attractive family benefits and a diverse company health management program

$$ We are an equal opportunity employer We promote diversity in all its forms and create an inclusive work environment, free from prejudice, discrimination and harassment, in which all employees feel a sense of belonging. We warmly welcome all applications regardless of gender, age, race or ethnic origin, social and cultural background, religion, disability and sexual orientation. 

 $$ Claudia Laub $$ - $$ $$ $$