Siemens

Product & Solution Security Officer (PSSO)

Siemens$137K — $236K *
Information Technology
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • 7+ years of experience in cybersecurity, with 3-5 years in product security or secure software development.
  • Experience leading a vulnerability management program, focusing on triage and remediation.
  • Strong understanding of secure SDLC practices like threat modeling and security testing.
  • Familiarity with cloud-based SaaS products and their associated security risks and controls.
  • Ability to influence teams and build trust without direct authority.
  • Knowledge of security frameworks and standards such as NIST CSF and OWASP.
  • Experience supporting incident response in product or application security contexts.
  • Bachelor's degree in Computer Science, Information Security, or related field, or equivalent experience.

Responsibilities

  • Define and improve the Product & Solution Security strategy and ensure compliance with corporate policies.
  • Monitor the threat landscape and incorporate findings into strategy.
  • Lead the product vulnerability management program from identification to remediation.
  • Classify and prioritize security incidents, ensuring timely responses.
  • Build relationships with product management and engineering teams to communicate security needs effectively.
  • Serve as a security advisor for product design and threat modeling efforts.
  • Represent Brightly on product security matters and advise executive management accordingly.
  • Track adherence to security standards and escalate security risks as needed.

Benefits

  • Health and wellness benefits through Siemens.
  • Access to a variety of employee support programs.
Full Job Description


ABOUT THE JOB

Brightly Software, a Siemens company, is the global leader in intelligent asset management solutions, serving over 12,000 clients across education, public infrastructure, healthcare, and manufacturing. Our portfolio of cloud-based SaaS products spans CMMS, EAM, Strategic Asset Management, IoT Remote Monitoring, Sustainability, and Community Engagement platforms.

As our Product & Solution Security Officer (PSSO), you will serve as the product security leader within Brightly's CyberSecurity team, reporting directly to the Chief Information Security Officer (CISO). Working alongside a senior product security engineer, you will own and drive the product security strategy for the business unit - building the processes, relationships, and programs that keep our SaaS products secure and our customers protected.

This is a high-impact, highly visible role at the intersection of engineering, risk management, and executive communication. You'll be a trusted advisor to leadership, a collaborative partner to product and development teams, and the driving force behind a maturing product security program.

This U.S.-based role is ideally located in Raleigh, NC; however, we encourage applications from qualified remote candidates in the U.S. Qualified Applicants must be legally authorized for employment in the United States and will not require employer sponsored work authorization now or in the future for employment in the United States.

WHAT YOU WILL DO

DEFINE & DRIVE PRODUCT SECURITY STRATEGY

  • Define, own, and continuously improve the Product & Solution Security (PSS) strategy and implementation policy for Brightly Software, ensuring alignment with Siemens corporate policies, regulatory requirements, and contractual obligations.
  • Monitor the threat landscape, track reported vulnerabilities and security incidents, and incorporate findings into strategic planning.
  • Establish and maintain a process improvement program to embed security practices across the software development lifecycle (SDLC).
  • Ensure organizational readiness for product and solution security across all BSW teams and product lines.

LEAD VULNERABILITY & INCIDENT MANAGEMENT

  • Own and operate Brightly's product vulnerability management program end-to-end - from identification and triage through remediation tracking and closure.
  • Classify and prioritize vulnerabilities and security incidents in coordination with the CISO, driving timely and effective response.
  • Support incident response efforts, serving as a key contributor during active security events affecting BSW products.
  • Develop and maintain a supplier security qualification and certification program.

PARTNER WITH PRODUCT & ENGINEERING TEAMS

  • Build strong, trusted relationships with product management, R&D, and engineering teams to ensure security requirements are clearly communicated, understood, and implemented.
  • Serve as the primary security advisor to product and development stakeholders, guiding secure design decisions and threat modeling efforts.
  • Coordinate technical direction for product security mechanisms in collaboration with the product security engineer and project-level security contributors.
  • Advise on appropriate processes, tooling, and structures to introduce and sustain security across products, solutions, and services.

COMMUNICATE & REPRESENT PRODUCT SECURITY

  • Represent Brightly Software in all product and solution security matters - internally across the organization and externally as needed.
  • Advise executive management, product management, and R&D leadership on security posture, risks, and strategic priorities.
  • Ensure coordinated security messaging in alignment with Corporate Communications and the CISO.
  • Synchronize with Brightly's Information Security organization to ensure appropriate coverage across both product and IT infrastructure security domains.
  • Build and maintain an internal product security community, fostering awareness and a security-first culture across the business unit.

MEASURE, REPORT & ESCALATE

  • Track and report on adherence to product and solution security standards, policies, and the BSW implementation strategy.
  • Define risk acceptance criteria in collaboration with relevant stakeholders; lead escalation decisions for elevated security risks in products and solutions.
  • Provide regular reporting to the CISO; escalate emergencies promptly and synchronize with peer Product & Solution Security Officers across Siemens.
  • Coordinate product security compliance with legal, import, and export teams as required.

WHAT YOU NEED

  • 7+ years of experience in cybersecurity, with at least 3-5 years focused on product security, application security, or secure software development.
  • Demonstrated experience owning or leading a vulnerability management program, including triage, prioritization, and remediation tracking.
  • Strong understanding of secure SDLC practices, including threat modeling, security requirements definition, and security testing integration.
  • Experience working with cloud-based SaaS products and familiarity with common SaaS security risks and controls.
  • Proven ability to partner with and influence engineering and product teams without direct authority - you build trust, not bureaucracy.
  • Solid understanding of relevant security frameworks and standards (e.g., NIST CSF, ISO 27001, OWASP, CVE/CVSS scoring).
  • Experience supporting or leading incident response efforts in a product or application security context.
  • Strong written and verbal communication skills - you can translate complex security concepts for both technical and non-technical audiences.
  • Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent practical experience.

WHAT MAKES YOU A STANDOUT

  • Experience in a SaaS or software product company, ideally with exposure to asset management, IoT, or infrastructure technology domains.
  • Familiarity with Siemens Product & Solution Security (PSS) policies and frameworks, or similar enterprise security governance structures.
  • Relevant certifications such as CISSP, CSSLP, CEH, or GIAC GWEB/GPEN.
  • Experience building or maturing a product security program from the ground up - you know what good looks like and how to get there.
  • Comfort operating in a lean, high-ownership environment where you drive outcomes with a small, focused team.
  • Exposure to regulatory and compliance requirements relevant to SaaS products serving public sector, healthcare, or critical infrastructure clients (e.g., FedRAMP, HIPAA, SOC 2, ISO 27001).
  • Interest in AI and how to secure it-from safeguarding AI/ML components in products to exploring emerging AI threats. Expertise is a strong plus, but enthusiasm and an appetite to dive in are just as valuable.

You'll Benefit From
Siemens offers a variety of health and wellness benefits to our employees. Details regarding our benefits can be found here: https://www.benefitsquickstart.com/siemens/index.html
The pay range for this position is $137,731 - $236,110 annually. The actual wage offered may be lower or higher depending on budget and candidate experience, knowledge, skills, qualifications, and premium geographic location.

About Siemens

Siemens AG is a German multinational conglomerate company headquartered in Munich and the largest industrial manufacturing company in Europe with branch offices abroad. The principal divisions of the company are Industry, Energy, Healthcare, and Infrastructure & Cities, which represent the main activities of the company. The company is a prominent maker of medical diagnostics equipment and its medical health-care division, which generates about 12 percent of the company's total sales, is its second-most profitable unit, after the industrial automation division. The company is a component of the Euro Stoxx 50 stock market index. Siemens and its subsidiaries employ approximately 385,000 people worldwide and reported global revenue of around €87 billion in 2019 according to its earnings release.
Learn more about Siemens
Size
305,000 employees
Industry
Founded
1847
NASDAQ

Similar Jobs

More Jobs at Siemens

More Information Technology Jobs

Find similar Product & Solution Security Officer (PSSO) jobs: