Product Security Engineer – Vulnerability Reporting (m/w/d)

Product Security Engineer – Vulnerability Reporting (m/w/d)

Rolls-Royce Power Systems AG, headquartered in Friedrichshafen, is a global leader in integrated drive solutions and energy systems under the brand mtu. Our TRY Product Cybersecurity area ensures our products meet highest security requirements and remain protected against current cyber threats.

Role Overview

As part of the Product Security Incident Response Team (PSIRT), the Vulnerability Management function is the first point of contact for vulnerability analysis, security assessments, and communication with authorities and customers. We ensure that our products comply with the EU Cyber Resilience Act and stay technically up‑to‑date.

Responsibilities

• Identify and implement regulatory reporting requirements from relevant frameworks (e.g., Cyber Resilience Act).
• Analyze and evaluate vulnerability data to derive reportable incidents.
• Identify relevant information for regulatory or customer notifications.
• Prepare and deliver reports to authorities, customers, and internal stakeholders in coordination with functional areas.
• Collaborate closely with corporate communication to align reporting templates and communication content.
• Build, maintain, and continuously improve communication and reporting channels with authorities and supervisory bodies.

Qualifications

• Bachelor’s degree in Computer Science, Cybersecurity, Electrical Engineering, Law with IT focus, or related field.
• 2–5 years of experience in vulnerability management, incident handling, or the interface between technology and regulation.
• Knowledge of key cybersecurity regulatory frameworks (e.g., Cyber Resilience Act, NIS2, BSI Act, IEC 62443).
• Experience in analyzing, preparing, and presenting technical data to external stakeholders (authorities, customers).
• Preferably experience with reporting and communication processes in international conglomerates.
• Security certifications such as CompTIA Security+, CISSP, CCSP, or ISA/IEC 62443 Cybersecurity Expert are advantageous.
• High degree of independence, accuracy, and sense of responsibility.
• Excellent communication skills in German and English, particularly with authorities and supervisory bodies.

Benefits

• Fair working conditions with union binding (metal and electrical industry).
• Company‑provided health insurance (BKK MTU) for employees and families.
• Comprehensive corporate health management including fitness program (EGYM Wellpass).
• Competitive company pension scheme.
• Professional disability insurance.
• Mobility support (JobTicket and Jobrad).
• Corporate benefits program – discounts on popular brands.

Application

We are an equal opportunity employer committed to diversity and inclusive workplace. Please apply exclusively online through our career portal. Applications via other channels (including email) will not be considered.

Contact: Richard Vasquez –

Contract type: Permanent; Employment type: Full‑time; Seniority level: Mid‑Senior level; Industry: Machinery Manufacturing.