Bosch
IT Product Security Specialist (m/w/div.)
About Bosch
Bosch, officially known as Robert Bosch GmbH, is a leading German multinational engineering and technology company founded in 1886. With operations in over 150 countries and a workforce of approximately 440,000 associates, Bosch focuses on innovation, sustainability, and social responsibility. The company invests significantly in research and development, employing around 87,000 associates across 136 global locations. Bosch operates in four main business sectors: Mobility Solutions, Industrial Technology, Consumer Goods, and Energy and Building Technology. It is recognized as the world's largest automotive supplier, offering a range of products including fuel injection systems, ABS, and electrification solutions. In the consumer goods sector, Bosch is known for its home appliances, such as washing machines and kitchen machines. The company also develops precision tools and connectivity-driven products, emphasizing user-friendly technology across various industries.
Security at Bosch
Compiled from public job postings, careers pages, and company materials. Data may not reflect current state — verify during interviews.
Security Philosophy
- Bosch follows a DevSecOps approach that integrates security into every phase of product development rather than treating it as an endpoint concern.
- The philosophy emphasizes automating security and finding the optimal balance in automation for security testing.
- The company establishes internal competence networks such as the Privacy Engineering Guild to distribute security expertise across the organization.
- A 'Shift Left' strategy is core to their approach, integrating security from the earliest stages of product design and architecture.
Security Team
Bosch maintains a global security team led by Chief Cyber Security Officer Christoph Peylo. The organization includes the Bosch Product Security Incident Response Team (PSIRT) as the central point of contact for external security researchers. Paul Duplys heads Safety, Security & Privacy within Bosch Research. The specific headcount for the AppSec sub-team is not publicly disclosed, though the organization emphasizes a distributed security competence network approach.
Key Initiatives
Bosch maintains several key security initiatives, including:
- Security Champions Program through the internal Privacy Engineering Guild for knowledge sharing across teams.
- 'Shift Left' implementation that integrates security into every development phase.
- Centralized Vulnerability Management through PSIRT for external researcher intake and coordination.
- Secure SDLC artifacts covering specification, technical implementation, and penetration/fuzz testing.
- Digital Trust initiative led by CISO Christoph Peylo to ensure trustworthiness of AI products.
- Regulatory monitoring and compliance for evolving standards including EU Cyber Resilience Act, NIS2, and Cybersecurity Labeling requirements.