Product Security Officer (m/f/d)

About the role

EPAM is seeking a seasoned Product Security Officer to ensure top-tier security across our diverse product portfolio. You will be responsible for establishing and enforcing robust product security practices, policies and processes to safeguard our clients' valuable assets. Collaborating closely with development teams, architects and stakeholders, you will identify and mitigate potential security risks across our comprehensive product portfolio. Be a vital part of our team, shaping secure development practices and ensuring optimal protection for our clients. Candidates with experience in the health industry are strongly encouraged to apply as they will be given preference for this position.

This role offers a hybrid work arrangement, providing flexibility to work from home while occasionally visiting client sites.

• Provide strategic and tactical guidance to certain industry verticals, enhance operational security, encompassing roadmaps, new regulations and risk postures
• Coordinate with cybersecurity leads and security architects to implement security-by-design principles
• Work in alignment with the Cybersecurity Lead, Security Architect and product development team to establish robust security measures across all product verticals
• Monitor and report on KPIs to the digital product security office, ensuring a high level of compliance with standards and managing risk levels
• Drive the adoption and integration of security-by-design principles, collaborating closely with the verticals to ensure security is a core component of all products
• Lead and execute operational security practices with the Cybersecurity Lead and Security Architect to achieve/maintain certifications required by regulation/law/customers to operate in global markets
• Assist the Cybersecurity Lead, Security Architect & PSIRT team in response efforts during security incidents

• Cybersecurity, Information Technology, Computer Science degree (Bachelors) OR equivalent experience
• Extensive experience in a Product Security Officer role, ideally with a focus on IoT or healthcare technologies
• Demonstrated understanding of IoT device security in a healthcare or medical context. Is an advantage
• Relevant certifications such as AWS Security Specialty, Azure Security Engineer, Google Cloud Security Engineer, Certified Kubernetes Security Specialist, CISSP, CCSP, SANS GIAC or similar qualifications are considered an advantage
• Experience with IoT security governance and IT general control frameworks such as ISO2700x, HIPPA, ISO 13485, NIST CSF, NIST 800-53, MDR (EU), etc. is considered a plus
• Proficient in strategic and tactical guidance, risk management practices and understanding of software development for IoT device
• Solid understanding of network access, identity, access management, applied cryptography, network security methodologies, secure software development methodologies
• Knowledge of Risk and Compliance Management, Operational Models, Business Continuity Plans and Disaster Recovery Plans
• Proven track record of driving security excellence across diverse IoT portfolios, preferably in the healthcare domain

• 30 days holiday per annum
• Company Pension Scheme
• Competitive compensation depending on experience and skills
• Regular performance assessments
• Fitness-First Black Membership
• bitkom - Corporate Benefits
• EPAM Employee Stock Purchase Plan (ESPP)
• Great learning and development opportunities, including in-house professional training, career advisory and coaching, sponsored professional certifications, well-being programs, LinkedIn Learning Solutions and much more
• Friendly and enjoyable working team
• Regular corporate and social events
• Flexible and remote working opportunities
• Certain benefits and perks may be subject to eligibility requirements

• EPAM is a leading global provider of digital platform engineering and development services. We are committed to having a positive impact on our customers, our employees, and our communities. We embrace a dynamic and inclusive culture. Here you will collaborate with multi-national teams, contribute to a myriad of innovative projects that deliver the most creative and cutting-edge solutions, and have an opportunity to continuously learn and grow. No matter where you are located, you will join a dedicated, creative, and diverse community that will help you discover your fullest potential

• Work across markets and verticals and gain exposure to a great variety of projects and cutting-edge technologies
• Become part of a global community of well-connected experts across 50+ countries: enjoy a career without borders within an international environment
• Carve your career path: as the Fastest-Growing IT Services Company in the Fortune 100 List, EPAM is committed to help you discover your fullest potential by creating career plans that best suit you and your future plans
• EPAM Germany was named a Top Company 2022, 2023 & 2024 by Kununu for its people centric culture built on life-long learning