Die Liebherr-IT Services GmbH mit Sitz in Oberopfingen bei Kirchdorf
an der Iller erarbeitet IT-Lösungen für die gesamte Firmengruppe,
koordiniert die standortübergreifenden IT-Anwendungen und berät die
Gesellschaften der gesamten Firmengruppe in IT-Fragen. Governance and
program planning: Own and operate the global SCRM process in close
collaboration with the Risk Management Product team. Develop and
maintain the SCRM process aligned with business needs, security risk
appetite and compliance obligations. Contractual Security
Requirements: Define standard cybersecurity requirements for contracts
and collaborate with Legal and Procurement to ensure their adoption
for high-risk suppliers.Review and approve exceptions to standard
security clauses based on risk-based justifications. Supplier Risk
Classification and Tiering: Implement supplier risk tiering and
classification framework based on criticality, data access, regulatory
exposure, and inherent risk. Ensure consistent application of the
tiering model and conduct periodic reviews to adjust for changes in
the threat landscape. Supplier Assessments and Security Assurance:
Oversee the planning, scoping, and execution of supplier security
assessments, including onboarding and recurring reviews. Manage
external assessment providers and ensure timely, high-quality
outputs.Track remediation plans for non-compliant suppliers and
escalate unresolved risks. Operational Oversight: Maintain a central
inventory of suppliers with risk tier classification, risk posture,
and assessment status. Monitor and ensure SLA adherence of managed
service providers conducting risk assessments and audits.Serve as the
central point of contact for business units, Legal, Procurement, and
Compliance regarding supplier risk issues. Continuous Improvement and
Reporting: Analyze trends and findings from supplier assessments to
drive service enhancements and efficiency. Report key risk indicators
and metrics and support internal or external audits related to
third-party risk. Support regulatory reporting requirements related to
supplier security. Bachelor’s/Master’s in Cybersecurity, Computer
Science, or related field. 7+ years of working experience in
information security, IT security or related roles. 5+ years of
working experience in medium to large organizations in supply/third
party risk management roles. Certifications such as CISSP, CISM, CRISC
are a plus. Strong knowledge of governance frameworks related to
supply chain risk management NIST CSF, SP800-161, ISO 27001 as well as
Familiarity with VS-NfD and NIST SP 800-171 requirements. Demonstrated
experience managing external assessment providers. Demonstrated
ability to manage stakeholders across IT, OT, engineering, and
executive leadership in complex environments. Highly desirable:
experience in product ownership and service delivery using SAFe
(Scaled Agile Framework) or similar agile methodologies. Excellent
written and verbal communication skills in English and German is a
plus As an internationally successful family business, the Liebherr
Group offers you a secure job, a unique variety of tasks and exciting
development opportunities. Become part of our strong team today and
get to know the Liebherr Group as a reliable partner. Profit from
these benefits: Attractive remuneration and social benefits Flexible
and hybrid working Freedom for creative work Company pension scheme
Crisis-proof workplace Individual development and training
opportunities Employee benefits & discounts Bicycle leasing through
salary conversion Healthy & regional catering in the company
restaurant Company health management programme EGYM Wellpass Get your
own impression of our Oberopfingen site: Liebherr - Imagefilm Standort
Oberopfingen - YouTube and find your perfect match in our family
business: Liebherr - Finde dein perfektes Match! (youtube.com) Please
only use the online application option. Reference 79921 Standort
Liebherr-IT Services GmbH St. Vitus 1 88457 Oberopfingen/Kirchdorf an
der Iller Deutschland Kontakt verena.maucher@liebherr.com