As one of the world’s leading expert organizations, DEKRA currently employs almost 44,000 people in approximately 60 countries on all five continents. With qualified and independent expert services, they work to achieve the company's vision that DEKRA will be the global partner for a safe world.
Role Purpose
Lead the strategy, portfolio, and P&L of cybersecurity assessment and certification products; set the multi-year roadmap, go-to-market, partner ecosystem and investment cases; ensure compliance with applicable standards and accreditation rules in close duo leadership with Technical Coordinator(s) who own the technical rulesets, methods and competence frameworks.
Programs in Scope (overview)
• ISO/IEC 27001:2022 – ISMS requirements and revised Annex A controls; ISO/IEC 27006-1:2024 for ISMS CB accreditation (audit time, remote audits, reporting).
• TISAX (ENX) / VDA ISA v6 – industry assessment/exchange (labels AL2/AL3; v6 adds strong availability and OT/IEC 62443 alignment).
• AutoSQS (IAQSA) – in force since Oct 1, 2024, software quality & safety for automotive (complementary to ISO 9001/IATF; supportive to R155/R156).
• ISO/IEC 42001:2023 (AIMS) – AI governance standard, synergistic with ISMS and automotive software assurance.
Qualification Requirements
• Education & Experience: University degree in IT/engineering or equivalent; ≥4 years in product/portfolio leadership for cybersecurity/automotive/security certification or assurance.
• Competence: Strong grasp of ISMS/TISAX/AutoSQS market dynamics, accreditation constraints (27006-1), and automotive regulatory drivers (R155/21434); experience building partner programs and scalable delivery models; financial acumen (P&L
• Languages: Fluent English (German a plus).
Responsibilities (Strategy & Management)
A. Portfolio Strategy & Roadmap
• Define 3-year product strategy, value propositions and roadmaps. Prioritize features (e.g., multi-site/remote audit models, tiered readiness packages).
B. P&L Ownership & Business Planning
• Own revenue, margin and pricing; build business cases (CAPEX/OPEX), capacity plans, and utilization targets; drive profitable growth across regions/segments.
C. Operating Model with Technical Coordinators (TCs)
• RACI: PM owns what & why (market need, offer design, GTM, commercials); TC owns how (scheme rules, methods, competence models, file quality). Jointly approve program procedures and competence criteria; TCs lead witnessing and technical sign-offs, PM leads commercialization and scale-up.
D. Go-to-Market & Ecosystems
• Build partner network (e.g., ENX-listed providers, OEM/Tier liaisons, IAQSA/AutoSQS alliances); create campaigns, playbooks and sales enablement; manage lighthouse accounts and references.
E. Accreditation & Risk Strategy
• Plan accreditation scope strategy (codes/IAF scopes, cross-country leverage), remote auditing policy, and transition timelines (e.g., 27006-1 adoption milestones with ABs).
F. Data, Quality & Tooling
• Define KPIs, dashboards and digital tool stack (planning, time calculation, file QA); drive “first-time-right” and audit cycle time improvements.
G. People & Capability
• Build a bench of auditors/experts with TCs (recruitment, onboarding, CPD, witnessing strategy) aligned to market demand clusters (automotive, discrete manufacturing, cloud/OT).
In addition to competitive comprehensive compensation and benefits, we also provide you with the opportunity to work independently and take on responsibility from an early stage. We stand for many and varied career options and invest in your further development.