Senior OT Product Security Architect – Cyber Resilience Act (M/F/D)

Senior OT Product Security Architect – Cyber Resilience Act (M/F/D)

Tasks

• Provide conceptual consulting and implementation guidance for the Cyber Resilience Act (CRA) Essential Product Requirements within existing on-premise product software in a bioprocess and laboratory equipment environment
• Translate regulatory cybersecurity requirements into concrete, implementable architectural and product-level security concepts for software applications and embedded systems
• Define and maintain secure architecture principles, design patterns, and reference architectures for Windows- and Linux-based product software
• Develop technical solution concepts for secure authentication & authorization, identity management, secure interfaces, secret and key management, and secure software update mechanisms in industrial/OT environments
• Support implementation of CRA-related security update, vulnerability handling, and incident reporting requirements
• Conduct security architecture reviews, risk assessments, and support security testing activities (e.g., penetration testing)
• Ensure alignment with Secure Software Development Lifecycle (SSDLC) principles in close collaboration with Development, OT, IT, and DevOps teams
• Assess security impacts across laboratory devices and industrial bioprocess systems (ranging from small devices to large-scale installations) and coordinate security-related activities within a cross-functional project setup

Qualification

• Several years of experience as a Security Architect in product software, embedded systems, industrial automation, or OT environments
• Strong knowledge of the Cyber Resilience Act (CRA) and relevant standards such as IEC 62443
• Proven experience translating regulatory requirements into practical, implementable security architectures in industrial or product environments
• Experience designing secure architectures for Windows- and Linux-based on-premise applications
• Hands-on expertise in secure coding and secure design principles, PKI, certificate and key management, secure interfaces, and industrial protocol security
• Experience in plant engineering, laboratory equipment, industrial systems, or bioprocess environments
• Solid understanding of Secure Software Development Lifecycle (SSDLC) and DevOps principles
• Fluent English (spoken and written); German is a plus

Nice to have

• Experience in the biopharmaceutical or regulated industry
• Knowledge of threat modeling methodologies (e.g., STRIDE)

Requirements

Start :

Duration : 6-9 months

Location: greater Kassel area; 50+% remote