Job Description

Mainz, Germany | full time | Job ID: 11389

About the Role:

As the Product Owner for Vulnerability Management & Effectiveness, you will oversee our IT vulnerability management program, ensuring effective identification, assessment, and tracking of vulnerabilities. In this strategic advisory role, you will define processes, set up scans, create incidents based on findings, and coordinate remediation efforts with responsible teams. Additionally, you will plan penetration testing and red teaming activities while maintaining the vulnerability management solution. Your focus will be on process management and stakeholder coordination rather than hands-on technical implementation.

Your Contribution:

• Define and implement processes, handbooks, and workflows for vulnerability management
• Maintain the vulnerability management solution, including technical updates such as updating local scanners
• Lead and manage external service providers to ensure effective and proactive vulnerability management
• Collaborate with internal stakeholders to set up scans, including firewall exclusions and tool configurations
• Create incidents based on scan findings, assign them to responsible teams, and follow up to ensure timely resolution
• Provide recommendations for fixing solutions based on tool outputs without direct implementation responsibility
• Plan, scope, and align penetration testing and red teaming activities with internal and external stakeholders
• Work closely with internal teams and external providers to ensure effective vulnerability management and testing coordination
• Ensure vulnerability management processes align with regulatory and organizational compliance requirements
  

A Good Match:

• Bachelor’s degree in Information Security, Computer Science, or a related field
• Several years of experience in vulnerability management, cybersecurity, or related roles
• Strong knowledge of vulnerability management tools (e.g., Nessus, MS Defender, Qualys, Tenable) and frameworks
• Experience coordinating penetration testing and red teaming activities
• Familiarity with incident management processes and tools
• Proven ability to work collaboratively with cross-functional teams and external providers
• Excellent organizational and project management skills
• Analytical mindset with the ability to interpret scan results and provide actionable recommendations
• Strong communication skills for stakeholder coordination
• Knowledge of cybersecurity standards (e.g., NIST, OSCP, CEH oder HTB CPTS or ISO 27001)
• Fluent English skills, German is a plus

Your Benefits:

It's our priority to support you:

• Your flexibility: flexible hours | vacation account
• Your growth: Digital Learning | Performance & talent development | leadership development | Apprenticeships | LinkedIn Learning
• Your value: Your voice at the table | Culture on an equal footing | Opportunities to shape & impact | Support for your full potential
• Your health and lifestyle: Company bike
• Your mobility: Job ticket | Deutschlandticket
• Your life phases: Employer-funded pension | Childcare

Apply now - We look forward to your application!

Apply to our Mainz, Germanylocation by sending us your documents via our online form. For any questions, contact our talent acquisition team on: + 49 (0) 6131-9084-1291 (Monday-Friday from 1 PM to 3 PM CET).

Job ID 11389 (please always specify if you have any questions)

By submitting your application, you acknowledge that a background check will be conducted as part of the recruitment process in accordance with applicable laws and regulations. If you are considered for the position, BioNTech will conduct the background check through our service provider ‘HireRight’. You will be informed accordingly by your BioNTech-Recruiter.